Information Security Consultant

• Successfully completed university studies in the field of computer science or engineering, preferably with a focus on IT security, cyber security or information security
• 3+ years of working experience in at least two of the following areas: Security Monitoring Implementation and Support, including Incident response (SIEM – ArcSight, Splunk, DLP etc.), Cyber Security (Enterprise Penetration Testing, Adversary Hunting, IoT/Embedded Security etc.), Infrastructure Security (IPS/IDS, NextGen Firewalls, VPN technologies, AntiSpam, Proxy,etc.), Identity and Access Management (Oracle Identity Management, Sailpoint IdentityIQ, Forgerock, Oracle Access Management, RSA etc.), Application Security (Data security & privacy, APIs Security, SSDLC, Threat modeling etc.)
• Sound knowledge and pronounced interest in IT security
• Experience in implementing security controls to improve system/platform overall security
• Current understanding of Industry trends and emerging threats
• Knowledge in security standards and regulations: NIST, ISO, PCI DSS, GDPR, PSD2
• Ability to work independently and pro-actively contribute in a global team environment
• Excellent interpersonal, organizational, documentation, and communication skills; able to concisely communicate security risks to both technical and business audiences
• Presentation skills with a high degree of comfort delivering presentations to both large and small audiences
• Understanding of applications, server, and network security and compliance requirements (including operational requirements needed to be GDPR compliant)
• Knowledge and experience with identifying and understanding the most common application security vulnerabilities (OWASP Top 10)
• Fluency in English
• Travel availability

• Previous technical background in:

        - Web application development/ architecture or related fields

        - JAVA, .NET, PHP, Ruby, Perl, Python and/or C/C++ experience

• Industry certification from vendors: ISC2, ISACA, GIAC, EC-Council, CompTIA, ITIL, Comptia Security +
• Knowledge in Risk and Compliance Management, Operational Models, Business Continuity Plan, Disaster Recovery Plan
• Solid understanding of network services, vulnerabilities, and attacks
• Knowledge of SIEM tools / Log Analysis
• Experience in security assessment for enterprise products using different tools, manual penetration testing methods and code review
• Experience in risk assessments in connection with GDPR requirements, including data security, security breach notifications, privacy by design and fair processing
• Understanding of emerging IoT/Mobile technologies and communications protocols
• Experience developing IoT solutions by getting hands one experience with devices and code
• Hands-on experience with IT security in the cloud environment as an architect, in development and/or operation, especially AWS and Microsoft Azure
• Previous experience in adjacent areas such as, Security Operations Center, Network Operations Center, System Administrator, Platform/Tool Support Engineer, IT Helpdesk support