Governance, Risk and Compliance | CyberSecurity Consultant

Cybersecurity Consultant

Avertium is looking for a CyberSecurity Consultant that will be responsible for assisting in the delivery of cybersecurity services and solutions to clients. As a consultant, you will work closely with senior consultants and project teams to assess security risks, develop security strategies, implement controls, and provide guidance on improving clients' cybersecurity posture. This role requires a solid understanding of cybersecurity principles, excellent problem-solving skills, and the ability to communicate effectively with clients and team members.

Responsibilities:

• Security assessments: Assist in conducting comprehensive cybersecurity assessments for clients, including vulnerability assessments, penetration testing, and risk assessments. Identify security gaps, evaluate risks, and provide recommendations for remediation.
• Security strategy development: Collaborate with project teams to develop and implement cybersecurity strategies that align with clients' business goals and risk tolerance. Assist in defining security frameworks, policies, and roadmaps.
• Security controls implementation: Assist in the implementation of security controls and technologies based on industry best practices and regulatory requirements. This may include configuring firewalls, intrusion detection systems, and encryption mechanisms.
• Compliance support: Assist clients in achieving and maintaining compliance with relevant regulations and standards, such as GDPR, HIPAA, or PCI-DSS. Collaborate with project teams to develop compliance frameworks, conduct gap assessments, and provide recommendations for remediation.
• Security documentation and reporting: Assist in documenting security procedures, processes, and findings. Contribute to the preparation of security assessment reports, project updates, and client presentations.
• Research and knowledge sharing: Stay updated on the latest cybersecurity trends, threats, and technologies. Conduct research on emerging security risks and contribute to internal knowledge sharing initiatives.
• Client relationship management: Develop and maintain strong relationships with clients. Provide timely and effective communication, manage client expectations, and ensure client satisfaction throughout the engagement.

Qualifications:

• Bachelor's or master's degree in Computer Science, Information Security, or a related field.
• 1-3 years of experience in cybersecurity, IT audit, or a related role.
• Solid understanding of cybersecurity principles, technologies, and best practices.
• Familiarity with security frameworks and standards, such as HITRUST, CMMC, NIST, ISO 27001, and PCI-DSS.
• Knowledge of networking protocols, operating systems, and cloud platforms
• Experience conducting SOC 2 Type 1 and Type 2 audits Experience with working on HITRUST assessments (certification not required at hire) Knowledge/experience on HIPAA compliance (Privacy & Security Rules, Breach Notification Rule) Knowledge/experience of the NIST CSF framework Comfortable writing Security Policies and Procedures
• Strong problem-solving and analytical skills.
• Excellent written and verbal communication skills.
• Ability to work effectively in a team and collaborate with cross-functional stakeholders.
• Relevant certifications such as CISM, CISSP, or CISA (preferred).
• Experience with Purview preferred
• #LI-CS1