Job Description- IT Security Consultant

Job Summary

The IT Security Consultant is responsible for assessing, designing, and improving information security controls to protect the organization's systems, networks, applications, and data. The role works with business and technical teams to identify security risks, recommend mitigation strategies, ensure compliance with security standards, and support security initiatives.

Key Responsibilities

• Assess security risks and vulnerabilities across IT systems and infrastructure.
• Conduct security reviews, audits, and risk assessments.
• Recommend and implement security controls and best practices.
• Support the development and maintenance of information security policies, standards, and procedures.
• Monitor security incidents and assist in incident response activities.
• Perform vulnerability assessments and coordinate remediation efforts.
• Ensure compliance with regulatory and industry security requirements.
• Review system architectures and provide security guidance during project implementation.
• Support identity and access management processes.
• Assist with security awareness and training programs.
• Prepare security reports, findings, and recommendations for stakeholders.
• Collaborate with IT, business, and external vendors to address security concerns.

Required Qualifications

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field.
• 3–7 years of experience in information security, cybersecurity, or IT risk management.
• Understanding of network, application, cloud, and infrastructure security concepts.
• Knowledge of security frameworks and standards such as ISO 27001, NIST Cybersecurity Framework, and CIS Controls.
• Experience with vulnerability management and security assessment tools.
• Strong analytical, problem-solving, and communication skills.

Preferred Qualifications

• Security certifications such as CISSP, CISM, CEH, or CompTIA Security+.
• Experience with cloud security platforms and security monitoring tools.
• Knowledge of regulatory requirements and compliance programs.

Key Skills

• Information Security
• Risk Assessment & Management
• Vulnerability Management
• Security Architecture Review
• Incident Response
• Identity & Access Management (IAM)
• Network Security
• Cloud Security
• Security Compliance & Audits
• Security Policies & Governance
• Threat Analysis
• Stakeholder Management
• Technical Documentation