Governance, Risk and Compliance | CyberSecurity Consultant

Avertium is looking for a Cyber Security Consultant that will be responsible for assisting in the delivery of cybersecurity services and solutions to clients. As a consultant, you will work closely with senior consultants and project teams to assess security risks, develop security strategies, implement controls, and provide guidance on improving clients' cybersecurity posture. This role requires a solid understanding of cybersecurity principles, excellent problem‑solving skills, and the ability to communicate effectively with clients and team members.

• Security assessments:
  Assist in conducting comprehensive cybersecurity assessments for clients, including vulnerability assessments, penetration testing, and risk assessments. Identify security gaps, evaluate risks, and provide recommendations for remediation.
• Security strategy development:
  Collaborate with project teams to develop and implement cybersecurity strategies that align with clients' business goals and risk tolerance. Assist in defining security frameworks, policies, and roadmaps.
• Security controls implementation:
  Assist in the implementation of security controls and technologies based on industry best practices and regulatory requirements. This may include configuring firewalls, intrusion detection systems, and encryption mechanisms.
• Compliance support:
  Assist clients in achieving and maintaining compliance with relevant regulations and standards, such as GDPR, HIPAA, or PCI‑DSS. Collaborate with project teams to develop compliance frameworks, conduct gap assessments, and provide recommendations for remediation.
• Security documentation and reporting:
  Assist in documenting security procedures, processes, and findings. Contribute to the preparation of security assessment reports, project updates, and client presentations.
• Research and knowledge sharing:
  Stay updated on the latest cybersecurity trends, threats, and technologies. Conduct research on emerging security risks and contribute to internal knowledge sharing initiatives.
• Client relationship management:
  Develop and maintain strong relationships with clients. Provide timely and effective communication, manage client expectations, and ensure client satisfaction throughout the engagement.

• Bachelor's or master's degree in Computer Science, Information Security, or a related field.
• 1-3 years of experience in cybersecurity, IT audit, or a related role.
• Solid understanding of cybersecurity principles, technologies, and best practices.
• Familiarity with security frameworks and standards, such as HITRUST, CMMC, NIST, ISO 27001, and PCI‑DSS.
• Knowledge of networking protocols, operating systems, and cloud platforms.
• Experience conducting SOC 2 Type 1 and Type 2 audits.
• Experience working on HITRUST assessments (certification not required at hire).
• Knowledge/experience on HIPAA compliance (Privacy & Security Rules, Breach Notification Rule).
• Knowledge/experience of the NIST CSF framework.
• Comfortable writing Security Policies and Procedures.
• Strong problem‑solving and analytical skills.
• Excellent written and verbal communication skills.
• Ability to work effectively in a team and collaborate with cross‑functional stakeholders.
• Relevant certifications such as CISM, CISSP, or CISA (preferred).
• Experience with Purview preferred.