Junior Cybersecurity Consultant

Goals and deliverables

GRC Tasks

- Review, adaptation, and improvement of procedures.

- Support in ISO 27001 audits.

- Creation of action plans.

- Review of controls according to ISO 27001.

- Review of controls according to NIST 2.

- Internal training and awareness in cybersecurity.

- Analysis, control, assessment, and mitigation of vulnerabilities.

- Crisis scenario simulation project.

- Process improvement aligned with business objectives.

Other Functions

- Meetings with different projects to ensure compliance with security standards.

- Support in relevant improvement processes for information security.

- Completion of security measures questionnaires for clients.

- Internal awareness campaigns and subsequent presentation to the executive committee.

Requirements

- Shell scripting experience with Perl and/or Python.

- Scripting notions with Bash and/or PowerShell.

- Experience with static and dynamic analysis methodologies for different types of applications and platforms.

- Experience working with Web Application Firewalls, IDS and IPS.

- Hands-on experience with Unix/Linux/Windows operating systems.

- Knowledge of Cloud: Azure and AWS fundamentals

- Secure, test API vulnerabilities and how to address them.

- Experience in Source code review and Analysis.

- Knowledge of network protocols, data on the wire, application design and architecture, and different classes of application security flaws.

- Knowledge of ISO 27001 and NIST2

- Knowledge of auditing or security tools and solutions.

- Ability to document and explain technical details in a concise and understandable manner.

- Ability to multitask

- Ability to manage external / internal stakeholders

- Master's degree in information security desirable, not exclusive.

- 2+ years of experience applying monitoring and compliance controls on developments.