Security Consultant

 

Security Consultant

Location: Philippines

About VikingCloud

VikingCloud is the leading Predict-to-Prevent cybersecurity and compliance company, offering businesses a single, integrated solution to make informed, predictive, and cost-effective risk mitigation decisions – faster. Powered by the Asgard Platform™, the industry’s largest repository of anonymized cybersecurity and compliance event data, we continuously monitor and analyze over 6+ billion online events every day.

VikingCloud is the one-stop partner trusted by 4+ million customers to provide the predictive intelligence and competitive edge they need to stay one step ahead of cybersecurity and compliance disruptions to their business. Our 1,000 dedicated cybersecurity and compliance expert advisors understand that it’s not just about technology. It’s about transacting business and delivering an exceptional customer experience every day, without fail. That’s the measurable value we deliver. And that’s what we call, Business Uninterrupted.

This PositionWe have an immediate vacancy for a full time Qualified Security Assessor reporting directly to the Director of Compliance Delivery APAC. This position offers the right candidate the opportunity for career progression within a dynamic international growth focused company. Responsibilities

• Ability to perform project tasks with minimal supervision
• Research new technologies, terms, standards, requirements, etc. to gain a better understanding.
• Attend regular meetings with Lead Consultants, Mentors, Managers and/or Clients to ask questions and/or demonstrate what you have learned.
• Maintain and enhance quality relationships with co-workers and clients.
• Assist in review of client Business Processes, Data Flows, Network Diagrams, Inventories, System and Network Security Configuration Standards, and other security controls, against the requirements defined by various security frameworks and standards.
• Assist in client project activities including, but not limited to note taking, interviews, documentation reviews, data analysis, evidence reviews, deliverable preparations.
• Correlation and communication of findings through verbal and written communication.
• Understanding of multiple standards and regulatory areas including, but not limited to:  PCI, HIPAA, Data Privacy, Cyber Risk and ISO 27001/27002
• Excellent written and verbal communication

Qualifications

• Have at least one industry-recognized professional certificate from each list below:

List A: (ISC)2

- Certified Information System Security Professional (CISSP)

- ISACA Certified Information Security Manager (CISM)

- Certified ISO 27001 Lead Implementer

List B: ISACA Certified Information Systems Auditor (CISA)

- Certified ISO 27001, Lead Auditor, Internal Auditor 1

- IRCA ISMS Auditor or higher (e.g., Auditor/Lead Auditor, Principal Auditor)

- IIA Certified Internal Auditor (CIA)

 

• PCI DSS QSA certification beneficial (although not required, we will get you certified).
• Experience working in sectors such as retail, banking, fintech, software development (or any other industry where card payments are accepted).
• Strong understanding of IT infrastructure including applications, servers, databases, network devices and security solutions.
• Strong understanding of IT and security processes including change control, patch management, vulnerability management, configuration management, incident response etc.
• Experience with software development methodologies and practices.
• Virtualization experience beneficial.
• Cloud security (AWS, Oracle) experience beneficial.
• Understanding of regulatory requirements and compliance issues affecting clients related to privacy and data protection.

 

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, political affiliation or opinion, medical condition, status as a veteran, and/or any other federal, state, or local protected class.