We are seeking an experienced Senior Security Consultant to join our team and play a critical role in a large-scale digital transformation and divestiture program for a global client. This position is ideal for a deep technical specialist with expertise in enterprise-grade security tooling, frameworks, and operational awareness of Security Operations Centers (SOC). As a Senior Security Consultant, you will focus on designing, implementing, and optimizing security solutions for a newly independent business. Leveraging tools such as CrowdStrike, Nessus, and other enterprise security platforms, you will ensure the organization's digital assets are protected, compliant, and aligned with best practices. A strong foundation in frameworks such as NIST, ISO27001, and broader SOC processes is essential.
Key Responsibilities:
- Security Tooling Implementation & Management:
- Design, deploy, and optimize enterprise-grade security tools, including CrowdStrike, Nessus, and complementary technologies.
- Ensure security tooling integration aligns with broader digital transformation goals.
- Configure and fine-tune tools to identify, prevent, and respond to security threats effectively.
- Framework Compliance & Alignment:
- Develop and maintain security controls aligned with NIST, CSA CCM and ISO27001 frameworks.
- Conduct assessments and implement controls to ensure compliance with industry standards.
- Provide guidance on maintaining security posture during the divestiture process.
- Security Operations Center (SOC) Enablement:
- Collaborate with SOC teams to ensure robust incident detection, response, and recovery capabilities.
- Assist in defining and implementing SOC processes, playbooks, and escalations.
- Provide input into threat hunting and monitoring strategies to enhance SOC capabilities.
- Risk Assessment & Mitigation:
- Identify security risks in the divestiture process and recommend appropriate mitigation strategies.
- Conduct vulnerability assessments and ensure remediation plans are executed effectively.
- Work with cross-functional teams to ensure end-to-end security during and post-divestiture.
- Stakeholder Collaboration:
- Engage with business leaders, technical teams, and external vendors to ensure security priorities are embedded in all aspects of the program.
- Communicate complex security concepts to non-technical stakeholders.
Required Skills and Experience:
- Technical Expertise:
- Hands-on experience with enterprise security tools, including CrowdStrike, Nessus, and others (e.g., SIEM, DLP, EDR tools).
- Proven ability to deploy, configure, and optimize security tools in complex enterprise environments.
- Framework Knowledge:
- In-depth understanding of NIST, CSA CCM, ISO27001, and related security frameworks.
- Experience with designing and implementing controls based on these frameworks.
- SOC Awareness:
- Strong knowledge of SOC operations, processes, and tooling.
- Familiarity with incident detection, response, and forensic investigations.
- Soft Skills:
- Excellent problem-solving skills and ability to troubleshoot security challenges.
- Strong communication and interpersonal skills for engaging with stakeholders at all levels.
- Self-driven with a proactive approach to security challenges in divestiture projects.
Preferred Experience:
- Experience in large-scale divestiture or digital transformation programs.
- Knowledge of additional security tools and platforms, such as Splunk, Qualys, or Tenable.
- Familiarity with regulatory requirements like GDPR, HIPAA, or PCI-DSS.
- Certifications such as CISSP, CISM, CEH, or GIAC are highly desirable.