Cybersecurity Consultant

Calling all cybersecurity freaks! Join our cutting-edge team and work on groundbreaking projects. Make a real impact. We're looking for passionate individuals ready to tackle exciting challenges and ground-breaking international projects.

As a Cybersecurity Consultant, you will be part of a multidisciplinary team and you will work in the Digital Security division of SAI. The ideal candidate will work with stakeholders in division to identify opportunities where our digital security advisory can provide added value delivering services to clients. The team is responsible for the provision of digital security consulting services to support our customers in maintaining their business-critical activities. As a candidate you will need to have a passion for discovering new approaches, working with diverse stakeholders to improve business outcomes and sharing knowledge.The team is made of experienced and junior consultants with a mix of specialties proper to each consultant.

𝐍𝐎𝐓𝐄: 𝐎𝐩𝐞𝐧 𝐎𝐍𝐋𝐘 𝐭𝐨 𝐜𝐚𝐧𝐝𝐢𝐝𝐚𝐭𝐞𝐬 𝐫𝐞𝐬𝐢𝐝𝐢𝐧𝐠 𝐢𝐧 𝐌𝐀𝐔𝐑𝐈𝐓𝐈𝐔𝐒.
𝐓𝐡𝐢𝐬 𝐢𝐬 𝐚 𝐅𝐑𝐄𝐄𝐋𝐀𝐍𝐂𝐄 𝐜𝐨𝐧𝐭𝐫𝐚𝐜𝐭 𝐚𝐧𝐝 𝐧𝐨𝐭 𝐚𝐧 𝐞𝐦𝐩𝐥𝐨𝐲𝐦𝐞𝐧𝐭 𝐜𝐨𝐧𝐭𝐫𝐚𝐜𝐭.

Responsibilities

• Design, implementation and maintenance of Information Security, Cybersecurity and Data Protection Management Systems based on relevant standards and regulations (e.g. ISO/IEC 27001, ISO/SAE 21434, SOX, GDPR, Cookies guidelines, ...)
• Support to achieve Compliance with Security and Personal Data protection standards and regulations
• Design of information Security policies, guidelines, processes and procedures
• Development of Information Security awareness and training initiatives (e.g. training and awareness programs, Security events, crisis and cyber incidents simulations, ...)
• Information Security project management by interacting with customers from a variety of work realities, from the automotive industry to the banking sector.
• Recommend industry best practices for vulnerability and threat management remediation.
• Work with internal customers to determine their need for security assessments, present and explain the employed methodology, and support them with feedback and verification during mitigation.
• Implementing secure SDLC, secure coding and security by design best practices
• Conduct static and dynamic analysis (SAST/DAST) on a variety of code bases and platforms.
• Through standard enterprise tools, discover security vulnerabilities in web and mobile applications and provide recommended remediation steps to developers.
• Enforce smart CI/CD security tooling (SAST, dependencies checker)
• Identify vulnerability in the source code and design of our products
• Fix vulnerabilities or support development team on fixing
• Develop training on secure coding techniques and security awareness for technical staff (e.g., software developers).

Qualifications

• 5 years’ experience delivering information security and infrastructure security reviews, risk and vulnerability management, technical system security configuration review
• Security qualification(s) such as CISSP, CISM, CEH, CISA, SSCP, ISO 27001, IT/ Computing Certifications (Cisco, Microsoft, Oracle, etc)
• Knowledge and application of information security frameworks and methodologies (e.g. NIST, ISO 27001, Data Protection, CIS Controls, OWASP) and other information security frameworks
• Successful track record in working in complex environments and large complex projects
• Advanced understanding of security protocols, cryptography, and security
• Strong analytical and problem-solving skills
• Knowledge of Agile process and principles
• Customer service orientated with good problem solving and analytical skills and the ability to communicate effectively at all levels

Desirable

• Experience implementing multi-factor authentication
• Experience implementing security solutions
• A well developed, practical understanding of Google Workspace solution
• A well developed, practical understanding of SaaS technologies
• Competence in Project Management best practices