We’re looking for a Security Consultant who brings technical depth, a compliance mindset, and a forward-thinking approach to protecting the client’s platforms, data, and customers. The ideal candidate will have strong experience conducting security assessments and audits and providing recommendations. This is a fully remote 6-month contract role for an individual available immediately.
What You Will Do
- Conduct cybersecurity maturity assessments and develop tailored improvement plans aligned with business objectives.
- Identify, assess, and manage information security risks across the environments.
- Support and maintain client’s PCI DSS compliance program, including scoping exercises, gap assessments, evidence collection, and coordination with QSAs during annual audits.
- Perform application security assessments and code reviews to identify vulnerabilities across client’s software portfolio.
- Incident response: monitor, detect, and respond to security events and incidents. Be open to flexible working hours to support incident response.
- Perform vulnerability assessments and risk analyses to manage security gaps.
- Design, implement, and maintain security controls, policies, and procedures aligned with industry and regulatory frameworks.
- Conduct security reviews of system architectures, network configurations, and application deployments - ensuring PCI DSS requirements are addressed from design through production.
- Collaborate with Engineering teams to embed security and compliance requirements into the SDLC.
- Investigate and triage security alerts, perform root cause analysis, and document findings for both operational and compliance purposes.
Knowledge Requirements
Required
- Deep understanding of various security domains such as network security, identity governance, infrastructure security, and external attack surface management, and well versed in industry best practices across security domains.
- Software development or secure code review experience - able to read, analyze, and identify security flaws in application source code.
- Experience performing security assessments, audits, and remediation
- Experience with cloud security in AWS or Azure environments.
- Knowledge of OWASP Top 10, common application vulnerabilities, and secure coding practices.
- Knowledge of identity and access management (IAM), multi-factor authentication, and zero-trust principles.
- Understanding of vulnerability management lifecycle, patch management processes, and compensating controls.
- Knowledge of common attack vectors, MITRE ATT&CK framework, and threat intelligence practices.
- Proficiency with SIEM platforms and responding to SOC alerts.
- Solid grasp of operating systems security (Windows, Linux, macOS).
- Experience with PCI compliance
Nice to Have
- Awareness of AI security risks, familiarity with MCP and experience securing AI agent-to-tool integrations
- Experience with internal penetration testing
- Experience implementing security systems / security tools
- Experience with endpoint security & DLP.
- Experience with containerization and Kubernetes security.
- Experience with SAST and DAST tools.
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field - or equivalent practical experience.
- Certifications (one or more preferred): CISSP, CISM, CISA, CRISC, SSCP, AWS, Azure, GSEC
- Any other industry-recognized cybersecurity certification
- 5+ years of hands-on experience in information security, cybersecurity operations, or a related systems security role.
- Excellent communication skills in English
📌 Our specialized recruiting professionals apply their expertise and utilize our proprietary AI to find you great job matches faster. This job posting is for a current vacancy with our client.