Our client is one of the Top 4 Accounting and Auditing firms that are currently looking to recruit a Cyber Security Lead, Technology Consulting.
The Opportunity:
- Performing technical writing to communicate the preparation, testing, and recommendation phases for various security tests.
- Working with stakeholders to remediate system vulnerabilities.
- Training team members and colleagues on the latest cybersecurity tactics, techniques, and procedures (TTPs) to grow the skills of the firm.
- Understanding of various security technologies including endpoint security, perimeter security, advanced threat protection, malware defense, and security management.
- Writing business proposals and responses to client RFP/ RFIs.
- Identifying business opportunities and leading delivery and program management for large cybersecurity programs.
- Delivering team and client relationship management.
- Expertise in the phases of penetration testing. Familiarity with Kali Linux distribution and the associated penetration testing tools suite. Experience in penetration testing simulations like Hack the Box or Capture the Flag exercises is considered a plus.
- Good Understanding of OWASP top 10 and mitigation techniques.
- Experience in performing web application security assessments using hands-on techniques for identifying SQL injections, XSS, Security Misconfiguration, CSRF, and authentication/ authorization issues.
- Database testing: MSSQL, Oracle, MySQL, NoSQL.
- Understanding of cyber security management, cyber analytics, security intelligence platforms, and threat intelligence frameworks.
- Experience in both commercial, open-source tools and frameworks but not limited: Burpsuite, Metasploit, Core-Impact, Kali-Linux, AppScan, WebInspect, SSLScan, Soap UI Pro, SonarQube, Qualys, Nikto, Nessus, nmap, sqlmap, OWASP ZAP.
The Requirements:
- Possession of a recognised Degree in Computer Science, Cyber Security, Computer/Information Engineering, Information Technology, or a related discipline (STEM) is preferred.
- Possession of Certifications such as: CEH, ECSA, OSCP, CISSP, CCSK, OCSE, CCSP, CISM, CISA or other relevant qualifications.
- Minimum 7 years of professional experience with at least 4-5 years in client-facing advisory consulting roles and managing a medium-sized team.
- Strong understanding of IT security standards and frameworks (OWASP, NIST, CIS).
- Strong understanding of security risks in networks and application platforms.
- Strong understanding of network security, infrastructure security, and application security.
- Strong understanding of OSI, TCP/IP model and network basics.
- Demonstrate technical penetration testing skills on IT infrastructure, web applications, mobile platforms and Red teaming.
- Strong technical skills: Information security, network security, Windows security, UNIX/Linux security, web and mobile application security, Cloud platforms.
- Broad knowledge of security technologies for applications, databases, networks, servers, and desktops.
- Solid technical skills in both information security architecture and penetration testing and the ability to assess testing tools and deploy the right ones.
- Scripting and programming experience is beneficial.
- Ability to perform manual penetration testing.
- Experience in Application Security Testing (Web, Mobile & ERP [SAP]), or related functions Vulnerability Assessment, Penetration testing.
- Perform penetration testing of various thick client software, web applications, and communications infrastructure to assist in hardening the cybersecurity posture against malicious actors.
- Conduct security research on the latest emerging advanced persistent threats (APTs), malware, and other security developments to assist in enterprise security efforts.
- Apply this security research to assessments.
Personal Characteristics:
- Business awareness and high motivation
- Excellent organizational and time management skills
- Strong analytical and interpretative skills
- Teamwork
- Demonstrated integrity within a professional environment.
- Strong interpersonal skills, self-motivation, professional discipline, accuracy, reliability, and excellent analytical skills.
The Benefits:
- Financial Competitive remuneration package (incl. 13th salary)
- Bonus Scheme that reflects firm & individual performance
- Provident Fund
- Health and Wellbeing:
- Holistic programme to support employees’ wellbeing
- In-house occupational psychologist
- Occupational doctor
- Gym benefits
- Running Club
- Social committee
- Life Within
- Excellent opportunities for career development & advancement
- Hybrid working model (working from the office, client and home)
- Flexible working hours
- Friday afternoon off
- Flex Fridays for July & August (Reduced Hours – 36hours)
- Reduced hours & Mother’s scheme working options
- Paid Maternity & Paternity Leave
- Paid Sick Leave
- Holiday entitlement from the 1st day you join
- Global Mobility programme
- Dress for your Day
- Free Parking
To apply:
Please send your CV to StaffMatters at admin@smstaffmatters.com and mention that you are applying for the vacancy of Cyber Security Lead, Technology Consulting with reference number 2228.
Or you can apply directly through your candidate login by hitting the APPLY button.