Consultant - Cyber Security Job

:

Experience range: 5- 12 years

Cyber Security Expert

Primary Mandate

You will consult and support the Life Science Sector Cyber Security team operations across the entire Life Science organization / locations to protect the confidentiality, integrity, and availability of the IT assets, software-based products, applications and web sites. Your main task is ensuring that cyber security policies, standards, controls, and regulatory requirements are properly understood, planned and implemented.

Scope

• Implement and maintain technical and non-technical cyber security controls of the IT assets, software-based products, applications and web sites


• Technical controls include baseline security configuration for operating systems (e. g. , OS hardening), network segmentation, DMZ systems hardening, identity and access management (IAM), etc.


• Non-technical controls include working with corporate teams to embed controls in technology Procurement and working with the business application owners to ensure security process are properly applied throughout the entire application management life cycle.


• Participate in application-, infrastructure-, and business projects to provide security-planning advice. Together with the IT Solution Architects plan, deliver and document security architecture for various security solutions and projects.


• Participate in a Cyber Security Incidence Response Team (CSIRT) to cover information security incidents on a sector wide level.


• Development of cybersecurity awareness and training curriculum. Ensure security training and awareness programs are defined and executed.


• Contribute to internal projects in response to external compliance requirements, such as NIS2.

Qualifications

• Extensive industry experience, technical knowledge and proven information security competency through professional designation / certifications, such as CISSP, IISP, CRISC, CCSP, CISA or CISM.


• Ability to analyze security issues, manage conflicting priorities, and recommend a course of action with both technical and business perspective.


• Strong analytical and interpersonal communication skills, including the ability to communicate effectively and build consensus across organizational lines. Ability to collaborate with diverse team consisting of developers, architects, project managers, etc.


• Experience with security risk management frameworks based on industry standard (e. g. , ISO27005, NIS2, BSI) and regulations (e. g. , GDPR).


• Proven ability to manage and collaborate on large/complex projects.


• Strong documentation skills.


• Fluent in English.