Cyber Security Consultant

About the Company:

Our client is a renowned management consultancy based in Oslo, Norway, with a global presence and a strong reputation for delivering high-quality solutions across a wide range of industries. They specialise in helping organisations navigate complex challenges in the digital and cybersecurity landscape, providing strategic advisory services, technical expertise, and transformative solutions. They are currently looking for a talented Cyber Security Consultant to join their dynamic team and support clients in developing and implementing robust cyber security frameworks to protect their critical assets.

Position Overview:

The Cyber Security Consultant will be responsible for advising clients on how to address their cybersecurity challenges and ensure their organisations are protected against evolving threats. The role will involve a variety of tasks, from assessing security risks and developing security strategies to implementing cutting-edge security solutions across multiple domains. The company is open to candidates with varied backgrounds in cyber security, with a particular need for expertise in Cloud Security, Application Security, Security Architecture, Network Security, Information Security, GRC, and Infrastructure Security.

Key Responsibilities:

• Security Assessments & Risk Management: Conduct comprehensive security assessments to identify vulnerabilities, risks, and threats within clients' existing security frameworks, systems, and processes.
• Cyber Security Strategy & Consulting: Provide expert advice on how to build and improve cybersecurity strategies, policies, and procedures across multiple areas such as Cloud Security, Application Security, Network Security, and more.
• Security Architecture: Design, implement, and optimize secure architectures for IT systems, applications, and networks, ensuring a strong security posture while maintaining business performance.
• Cloud Security: Specialize in the security of cloud environments (e.g., AWS, Azure, Google Cloud), advising clients on best practices for securing cloud-based applications, infrastructure, and data.
• Application Security: Lead efforts to implement secure software development life cycle (SDLC) practices, vulnerability assessments, penetration testing, and secure coding principles within clients' application ecosystems.
• Network Security: Design and implement network security measures, including firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and more to ensure the protection of clients' networks from unauthorized access and cyber-attacks.
• Governance, Risk & Compliance (GRC): Assist clients in implementing and maintaining robust Governance, Risk, and Compliance frameworks, ensuring compliance with regulatory requirements and industry standards (e.g., GDPR, ISO 27001).
• Infrastructure Security: Provide guidance on securing clients' IT infrastructure, including physical, virtual, and cloud environments, focusing on identity management, access controls, and security monitoring.
• Incident Response & Security Operations: Assist clients in developing incident response plans and conducting security operations, including detecting, analyzing, and mitigating cyber threats and security breaches.
• Security Awareness Training: Educate clients on best practices for information security and conduct training sessions for employees to raise awareness of security risks, phishing attacks, and other cyber threats.
• Collaboration: Work closely with clients’ internal teams and external stakeholders to ensure that security initiatives align with broader business objectives and technical environments.

Required Skills and Experience:

• Varied Cyber Security Expertise: A solid background in cyber security, with experience in at least one of the following areas: Cloud Security, Application Security, Security Architecture, Network Security, Information Security, GRC, and Infrastructure Security.
• Security Risk Assessment: Experience in performing security assessments and identifying, evaluating, and mitigating risks associated with technology, processes, and people.
• Cloud Security Knowledge: Strong understanding of securing cloud environments and services (AWS, Azure, Google Cloud), including identity management, encryption, and access controls.
• Application Security: Knowledge of secure software development practices, vulnerability management, secure coding, and penetration testing.
• Security Architecture: Experience designing and implementing secure architectures for both on-premise and cloud environments, with knowledge of firewalls, encryption, VPNs, and other security technologies.
• Network Security: Experience in designing and implementing network security measures to safeguard internal and external networks from unauthorized access, malware, and cyber-attacks.
• GRC Knowledge: Understanding of Governance, Risk, and Compliance frameworks, as well as regulatory requirements such as GDPR, HIPAA, PCI-DSS, etc.
• Certifications: Relevant industry certifications such as CISSP, CISM, CISA, AWS Certified Security Specialty, Azure Security Engineer, or other cybersecurity-related qualifications.
• Problem Solving & Analytical Skills: Strong ability to assess complex security issues, provide strategic solutions, and clearly communicate risks and recommendations to clients.
• Collaboration & Communication Skills: Excellent communication and interpersonal skills, with the ability to collaborate effectively with clients, technical teams, and non-technical stakeholders.
• Experience in Consulting: Prior experience in a consulting role is a plus, with an ability to adapt to various client environments and challenges.

Preferred Qualifications:

• Advanced Certifications: Any advanced certifications such as Certified Cloud Security Professional (CCSP), Offensive Security Certified Professional (OSCP), or Certified Information Systems Auditor (CISA) are a plus.
• Industry Experience: Previous experience in a consulting environment is a must.
• Language Skills: Proficiency in Norwegian is required.

Thank you for your application. If successful, we will contact you within 48 hours to discuss your application in more detail. Please assume your application has been unsuccessful if you do not hear back from us within 48 hours.