Governance, Risk and Compliance | CyberSecurity Consultant

Avertium is looking for a Cyber Security Consultant that will be responsible for assisting in the delivery of cybersecurity services and solutions to clients. As a consultant, you will work closely with senior consultants and project teams to assess security risks, develop security strategies, implement controls, and provide guidance on improving clients' cybersecurity posture. This role requires a solid understanding of cybersecurity principles, excellent problem-solving skills, and the ability to communicate effectively with clients and team members.

Responsibilities:

* Security assessments:
Assist in conducting comprehensive cybersecurity assessments for clients, including vulnerability assessments, penetration testing, and risk assessments. Identify security gaps, evaluate risks, and provide recommendations for remediation.

* Security strategy development:
Collaborate with project teams to develop and implement cybersecurity strategies that align with clients' business goals and risk tolerance. Assist in defining security frameworks, policies, and roadmaps.

* Security controls implementation:
Assist in the implementation of security controls and technologies based on industry best practices and regulatory requirements. This may include configuring firewalls, intrusion detection systems, and encryption mechanisms.

* Compliance support:
Assist clients in achieving and maintaining compliance with relevant regulations and standards, such as GDPR, HIPAA, or PCI-DSS. Collaborate with project teams to develop compliance frameworks, conduct gap assessments, and provide recommendations for remediation.

* Security documentation and reporting:
Assist in documenting security procedures, processes, and findings. Contribute to the preparation of security assessment reports, project updates, and client presentations.

* Research and knowledge sharing:
Stay updated on the latest cybersecurity trends, threats, and technologies. Conduct research on emerging security risks and contribute to internal knowledge sharing initiatives.

* Client relationship management:
Develop and maintain strong relationships with clients. Provide timely and effective communication, manage client expectations, and ensure client satisfaction throughout the engagement.

Qualifications:

* Bachelor's or master's degree in Computer Science, Information Security, or a related field.

* 1-3 years of experience in cybersecurity, IT audit, or a related role.

* Solid understanding of cybersecurity principles, technologies, and best practices.

* Familiarity with security frameworks and standards, such as HITRUST, CMMC, NIST, ISO 27001, and PCI-DSS.

* Knowledge of networking protocols, operating systems, and cloud platforms

* Experience conducting SOC 2 Type 1 and Type 2 audits

Experience with working on HITRUST assessments (certification not required at hire)

Knowledge/experience on HIPAA compliance (Privacy & Security Rules, Breach Notification Rule)

Knowledge/experience of the NIST CSF framework

Comfortable writing Security Policies and Procedures

* Strong problem-solving and analytical skills.

* Excellent written and verbal communication skills.

* Ability to work effectively in a team and collaborate with cross-functional stakeholders.

* Relevant certifications such as CISM, CISSP, or CISA (preferred).

* Experience with Purview preferred
* #LI-CS1