-
View all jobs
Are you passionate about cyber security? Do you enjoy helping organizations enhance their cyber resilience? Can you conduct risk assessments and facilitate collaboration between business and IT on cyber security matters? Are you an expert in privacy regulations and other legal requirements related to information security?
If so, WithSecure Consulting might have the perfect job for you!
We are looking for a Security Advisory Consultant to join our Consulting Team in the exciting journey of improving our clients' information security posture and cyber resilience. In this role, you'll perform risk assessments, conduct PCI DSS evaluations, and build tailored security programs. You'll define risk mitigation strategies, establish governance frameworks, and advise on security objectives, strategy, and budget. Building strong, long-term client relationships across various departments is key. While a technical background is an advantage, it is not a requirement.
What We're Expecting From You
If so, WithSecure Consulting might have the perfect job for you!
We are looking for a Security Advisory Consultant to join our Consulting Team in the exciting journey of improving our clients' information security posture and cyber resilience. In this role, you'll perform risk assessments, conduct PCI DSS evaluations, and build tailored security programs. You'll define risk mitigation strategies, establish governance frameworks, and advise on security objectives, strategy, and budget. Building strong, long-term client relationships across various departments is key. While a technical background is an advantage, it is not a requirement.
What We're Expecting From You
- 3+ years of professional experience in at least one of the following areas:
- Privacy: Ensuring compliance with privacy laws and regulations, and implementing privacy-by-design principles in systems and processes.
- ISO/IEC 27001: Implementing and maintaining an ISMS based on the ISO/IEC 27001 standard, including conducting internal audits and achieving certification.
- Security Improvement Programs: Designing and executing programs aimed at enhancing an organization's overall security posture, including the development of security policies, procedures, and controls.
- Information Security Frameworks: In-depth knowledge of various information security frameworks such as CIS, NIST, PCI DSS, and national frameworks.
- Legal Requirements for Information Security: Familiarity with legal and regulatory requirements related to information security, such as NIS, GDPR, and other national legislation.
- Risk Assessment and Threat Modelling: Conducting risk assessments to identify and evaluate potential threats and vulnerabilities, and developing threat models to understand and mitigate risks.
- Cyber Maturity Assessment and IT Audit: Assessing an organization's cybersecurity maturity level and conducting IT audits to evaluate the effectiveness of security controls and identify areas for improvement.
- Governance, Risk, and Compliance: Establishing and maintaining GRC programs to ensure that security practices align with business objectives and regulatory requirements.
- Proficiency in Finnish and English
- Being an awesome colleague!
- Recognized certifications in risk, security, and privacy management, IT management, and project management, such as CISSP, CISM, ISO27001, and CISA
- Experience with agile process models and various software development lifecycles
- Technical architecture skills, including cloud architecture
- Ability to collaborate effectively with roles in software development, such as technical architects, software developers, and product managers, on their terms
- Continuous learning: We invest in your education and support your development through relevant training, conferences, and certifications. You'll also have opportunities to learn on the job and from your colleagues. We arrange monthly knowledge-sharing sessions for the whole team to ensure you benefit from our in-house expertise (and can spread your wisdom, too).
- Research time: If you're passionate about security research, you'll have dedicated time to pursue it and collaborate with brilliant minds. We'll support you in writing blog posts and presenting at conferences. Our team has presented at notable events like Defcon and Disobey, among others.
- Top-notch team: We are a team of true cyber security experts. Join us to work with and learn from the best in the industry. Iron sharpens iron, after all.
Key Skills
Ranked by relevance
cyber security
pci dss
dss
security practices
cybersecurity
cissp
cloud
gdpr
cism
nist
cis
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Cyber Security Advisor
2025-11-07
Full-time
Mid-Senior
Finland
IT Services
Information Technology
View Job Details
Related
Senior DevOps Engineer
2026-01-08
Full-time
Mid-Senior
Finland
IT Services
Engineering
View Job Details
Related
Senior DevOps Engineer
2026-01-03
Full-time
Mid-Senior
Finland
IT Services
Engineering
Login to Apply
- Posted
- Dec 25, 2024
- Type
- Full-time
- Level
- Mid-Senior
- Location
- Helsinki
- Company
- WithSecure
Industries
IT Services
IT Consulting
Computer
Network Security
Software Development
Categories
Information Technology
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Cyber Security Advisor
2025-11-07
Full-time
Mid-Senior
Finland
IT Services
Information Technology
View Job Details
Related
Senior DevOps Engineer
2026-01-08
Full-time
Mid-Senior
Finland
IT Services
Engineering
View Job Details
Related
Senior DevOps Engineer
2026-01-03
Full-time
Mid-Senior
Finland
IT Services
Engineering