Job Profile: IT Security Consultant

DEPARTMENT: Information Technology

Experience: 3 years and above

Location: Gurugram, Haryana

Job Type: Full-time/ Permanent

Requirements:

• Minimum 4 years of IT experience, with at least 5 years in information security, including 2 years in a supervisory role.
• Familiarity with OWASP and ASVS rules is mandatory.
• Prior experience with configuring Web Application Firewalls and handling attacks that can be mitigated by WAF is a must.
• Excellent interpersonal and communication skills.
• Proficiency in English, with an international mindset for multicultural environments.

Responsibilities:

• Develop and manage security strategies.
• Conduct information security audits and manage security stacks (e.g., CrowdStrike NGAV and EDR, Akamai WAF).
• Perform penetration testing and vulnerability assessments in accordance with OWASP and ASVS rules and have the knowledge to manage and work on other VAPT requirements.
• Implement technological upgrades and improvements to the security environment.
• Provide security awareness training and onboarding for personnel.
• Assess technology architecture for vulnerabilities and weaknesses.
• Communicate security goals and new programs effectively with department managers.
• Ensure compliance with security management frameworks and data privacy regulations.
• Develop and maintain policies, procedures, standards, and guidelines.
• Act as a focal point for the security team and third-party vendors.
• Lead and guided information security team members and IT operations personnel.

Preferred:

• Certifications like CISSP, CISA, CISM, ISO 27001 Lead Auditor/Implementor.
• Hands-on experience with Wireshark, Burp Suite, custom tools using Python etc. or similar tools for penetration testing.
• Good experience in any one WAF tool, especially Akamai-based WAF is a great addition.
• Strong experience in security incident management beyond SIM tools, emphasizing proactive security measures over-reactive ticketing.