Description:
About the Company:
A large insurance group who pride themselves on a human approach and putting their customers first. They offer a friendly, dynamic, and flexible working environment and are dedicated to creating a work culture where their employees can flourish.
About the Role:
The Cybersecurity Consultant plays a critical role in safeguarding digital assets by proactively identifying, evaluating, and mitigating cybersecurity risks. This position involves conducting in-depth cyber risk assessments on technical designs and implementations, ensuring strict adherence to established cybersecurity frameworks and regulatory requirements.
Responsibilities:
- Perform in-depth security risk assessments on technical designs and implementations to identify vulnerabilities and ensure robust protection.
- Conduct thorough security audits to verify the effectiveness of existing measures and ensure compliance with industry standards.
- Provide expert technical guidance to internal teams and departments, fostering a strong security-first culture.
- Develop, manage, and present detailed reports outlining key findings, risks, and actionable recommendations.
- Identify, evaluate, and prioritize cybersecurity risks to implement proactive mitigation strategies.
- Ensure incident response and resolution meet established service-level agreements (SLAs).
Skills and Experience:
- Extensive hands-on experience conducting configuration reviews and cybersecurity assessments across SaaS, PaaS, and IaaS environments, ensuring robust security postures.
- Deep understanding of regulatory requirements, standards, and frameworks, including CPS 234, CPS 230, CIS, SOC 2 Type 2, NIST-CSF, and Essential 8, ensuring compliance and best practices.
- Proficiency in industry-recognized cybersecurity methodologies such as SABSA, NIST 800-53, MITRE ATT&CK/D3FEND, and threat modelling frameworks to assess and mitigate security risks effectively.
- Strong expertise across multiple cybersecurity domains, including cloud security, generative AI risks, and emerging threat landscapes.
- Hands-on experience in security engineering, API security, infrastructure-as-code, CI/CD security automation, and application development, enhancing security integration across DevSecOps practices.
- Highly desirable certifications such as CISSP, CISM, or CEH, demonstrating advanced cybersecurity knowledge and professional credibility.
For a confidential discussion, please contact Pravin on pravin.manandhar@peoplebank.com.au quoting reference 266021.
2 Apr 2025; from: uworkin.com