Cyber Security Consultant

We are looking for a proficient Security Consultant to lead and execute security assessments and initiatives, specializing in Web Application Firewalls (WAF), Proxies, Data Loss Prevention (DLP), Vulnerability Assessment and Penetration Testing (VAPT), and digital security evaluations for web and mobile applications. This role requires close collaboration with internal stakeholders to enhance the security and compliance of our digital ecosystem, utilizing tools like Forcepoint (Proxy, DLP) and F5 (WAF).

Key Responsibilities

WAF Implementation and Management

• Configure and manage F5 Web Application Firewalls to safeguard digital assets.
• Regularly review and update WAF policies, responding to new threats and application updates.
• Collaborate with development and IT teams to address false positives and optimize WAF performance.

Proxy Management

• Implement and manage Forcepoint Proxy, monitoring and controlling web traffic.
• Conduct regular assessments to ensure compliance with security policies and prevent unauthorized access.
• Work with IT to resolve proxy-related issues and optimize performance.
• Implement Forcepoint DLP to enforce data protection strategies and prevent leaks.
• Perform risk assessments to identify data loss vectors and establish appropriate controls.
• Develop guidelines for data classification and handling, in collaboration with relevant departments.

Vulnerability Assessment and Penetration Testing (VAPT) Coordination

• Plan, coordinate, and conduct VAPT activities for web and mobile applications.
• Analyze findings, offering actionable recommendations to mitigate risks.
• Engage third-party security vendors as needed and ensure compliance with industry standards.

Internal Security Assessments

• Perform security assessments and audits on internal applications and systems, focusing on digital security.
• Develop assessment plans, conduct risk analyses, and report on findings with clear remediation steps.

Compliance and Documentation

• Ensure adherence to industry standards, regulations, and internal policies.
• Document security processes, incidents, assessment results, and maintain updated records of protocols.

Collaboration and Stakeholder Management

• Work with IT, development, legal, and compliance teams to implement security controls.
• Serve as a primary contact for coordinating assessments and security initiatives.
• Conduct training and awareness sessions on security best practices.

Qualifications and Skills

Educational Background

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field.
• Relevant certifications (e.g., CEH, OSCP) are preferred.

Experience

• 5+ years in cybersecurity, specializing in WAF, Proxy, DLP, VAPT, and security assessments for web and mobile applications.
• Experience in coordinating VAPT activities and managing third-party security vendors.

Technical Skills

• Proficient in Forcepoint Proxy, DLP, F5 WAF, and VAPT tools (e.g., Burp Suite, OWASP ZAP).
• Knowledgeable in security standards and frameworks (e.g., OWASP, ISO 27001, PCI-DSS).
• Familiar with vulnerability scanning, risk assessment methodologies, and secure coding practices.
• Optional: Knowledge of DevSecOps practices is a plus.

Soft Skills

• Strong communication and collaboration skills across departments.
• Analytical mindset with problem-solving abilities.
• Proficient in documenting findings in both technical and non-technical language.

Preferred Qualifications

• Certifications: CEH, OSCP, or equivalent security certifications.
• Industry Experience: Experience in digital security within financial, retail, or healthcare industries is preferred.