Responsibilities:

Works in partnership with clients, advising them on information technology and cyber-security practices in order to meet their business objectives or overcome problems, work to improve structure and efficiency of an organization's I&IT systems.

The I&IT Consultant may be used to provide strategic guidance to organizations with regard to Information Management & IT technology, Cyber-Security practices and safeguards, IT infrastructures and the enablement of major business processes through enhancements to IT.

Provides subject matter expertise in their field and highly expert technical assistance.

General Skills:

Acts as the technical advisor/expert on all aspects of a specific deliverable

Provide the quality assurance/quality control of specific deliverables

Anticipates and resolves problems to ensure that the deliverables are completed within budget, to the highest quality, meeting or exceeding expectations

Develops processes and procedures for implementing deliverables

Prepares reports and presentations including options, recommendations, implementation plans, etc.

Works with clients to define the scope of a project and to determine requirements

Defines software, hardware and network requirements

Analyzes I&IT and security requirements giving independent and objective advice on the use of I&IT Designs, tests, installs and monitors new systems and develops solutions and implementation of new systems

Familiar with change-management principles and methodology

Knowledge and understanding of Information Management principles, concepts, policies and practices

Experience and Skill Set Requirements

· Proficiency in cyber-security-related practices, including knowledge of safeguards, is preferred. Prior experience in this area would be advantageous.

Experience in planning, organizing and implementing security related efforts for large systems

· Knowledge of Cyber-Security principles, including threat modeling, risk assessment, and security controls and Familiarity with common security frameworks such as NIST Cybersecurity Framework, ISO 27001, or CIS Controls.

· Experience in Application security and network security and their safeguards.Knowledge of risk management practices and strategies to mitigate identified risks. This includes ability to assess risks related to sensitive data

· Experience in Security Architecture and design. This includes designing secure systems and network considering factors like access controls, encryption, and secure communication channels

· Familiarity with Privacy laws and understanding of privacy regulations

· Experience creating security strategy documentation, plans and test scenarios for various types and phases of security testing

· Proficient in Endpoint, Network and Cloud related aspects in data leakage prevention

· Experience in understanding data flows both inside and outside the organization

· Experience in facilitating meetings with various stakeholders

· Experience in leading initiatives involving stakeholders across multiple organizations

· Experience creating reports and documentation and presenting to various stakeholders seeking approval

· Experience leading a team of security staff and vendors, working closely with the project leads

· Knowledge and experience in the use of security-related tools and frameworks

· Experience working in an agile environment

· Knowledge of cloud native applications

· Must-haves:

· Experience in planning, organizing and implementing security related efforts for large systems

· Knowledge of Cyber-Security principles, including threat modeling, risk assessment, and security controls and Familiarity with common security

Experience in Application security and network security and their safeguards