Information Security Consultant

Job Title : Information Security Consultant

Role Purpose

Provide expert advisory services to strengthen the enterprises information security posture. Assess risks, recommend solutions, and ensure alignment of security initiatives with business objectives, regulatory requirements, and industry best practices.

Key Responsibilities

• Conduct enterprise-wide risk assessments, security reviews, and gap analyses
• Develop, review, and recommend security policies, standards, and procedures
• Align security strategies and initiatives with business goals and regulatory requirements
• Provide guidance on the design and implementation of security controls and architecture
• Support regulatory compliance efforts and audit readiness activities
• Collaborate with IT, risk, and business stakeholders to embed security best practices across projects
• Deliver clear reports, presentations, and recommendations to senior management and stakeholders

Required Experience & Skills

• 7+ years of experience in information security, risk management, or security consulting
• Strong knowledge of security frameworks, standards, and regulatory requirements (ISO 27001, NIST, CIS, GDPR, etc.)
• Proven experience performing risk assessments, vulnerability assessments, and security advisory work
• Excellent stakeholder management, communication, and presentation skills
• Ability to translate complex security concepts into actionable business recommendation

Nice to Have

• Experience in cloud security architecture and advisory (AWS, Azure, GCP)
• Relevant certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer/Auditor
• Familiarity with emerging security technologies and threat intelligence
• Hands-on experience with security architecture design and secure software development practices
• Prior experience in financial services, critical infrastructure, or highly regulated environments