Role Purpose(s)
The Lead Cyber Security Consultant is responsible for protecting the organization's information systems and data assets by implementing and maintaining effective cybersecurity controls, policies, and procedures. The role ensures compliance with international standards such as ISO/IEC 27001 and acts as a key point of contact for internal and external stakeholders on cybersecurity matters.
Key Accountabilities
- Safeguard the confidentiality, integrity, and availability of information assets.
- Lead the implementation and maintenance of ISO/IEC 27001 controls and certification.
- Assist Security Operations Center (SOC) in performing security event triage, investigation, and escalation, ensuring timely and accurate incident handling.
- Manage cybersecurity incidents, risks, and vulnerabilities.
- Ensure compliance with internal policies and external regulatory requirements.
- Liaise with customers and partners on cybersecurity-related concerns and requirements.
Job Responsibilities & Duties
- Develop and enforce cybersecurity policies, standards, and procedures.
- Conduct regular risk assessments, vulnerability scans, and security audits.
- Monitor security systems and respond to threats and incidents.
- Coordinate incident response and post-incident reviews.
- Oversee identity and access management processes.
- Provide cybersecurity advisory and support to internal teams and external customers.
- Engage with customers to address cybersecurity queries, share best practices, and support compliance efforts.
- Deliver security awareness training across the organization.
- Prepare and present reports on security posture, incidents, and risk mitigation to senior management.
- Collaborate with external auditors, regulators, and customers during assessments and reviews.
- Support SOC operations by assisting in security event triage, investigation, and coordination of escalations, ensuring timely and effective threat response
- Any other duties assigned
Key Job Competencies
- Stakeholder Engagement
- Manages Complexity
- Resilience
- Customer Focus
- Manages Conflict
- Results Oriented
Education Requirements
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Professional certifications: CISSP (Certified Information Systems Security Professional) and/or CISM (Certified Information Security Manager) are required.
Working Experience Requirements
- Minimum 5 years of experience in IT security or cybersecurity operations.
- Hands-on experience with ISO/IEC 27001 implementation and audits.
- Proven track record in managing security incidents and risk assessments.
- Experience in customer-facing roles related to cybersecurity is highly desirable.
Skills Required
- Proficiency in security technologies (e.g., SIEM, IDS/IPS, DLP, endpoint protection).
- Deep understanding of cybersecurity frameworks and standards (e.g., ISO/IEC 27001, NIST).
- Strong knowledge of network, application, and cloud security.
- Risk management and vulnerability assessment expertise.
- Incident response capabilities.
- Proficient in writing scripts and security queries using languages such as Kusto Query Language (KQL), enabling effective threat hunting, log analysis, and automation of security monitoring tasks.
- High level of professionalism, integrity, and discretion.
- Strong analytical and problem-solving skills.
