Cyber Governance, Risk & Compliance (GRC) Consultant

We are seeking an experienced and highly motivated Cybersecurity Incident Response & Technology Specialist to join our dynamic security team. The successful candidate will play a critical role in effective management and mitigation of security incidents, contributing to the continuous improvement of our security posture. This position also encompasses the evaluation of emerging security technologies through Proof of Concept (PoC) or Proof of Value (PoV) initiatives, coupled with the application of project management methodologies to ensure the successful deployment of selected solutions.

Responsibilities:

• Incident Management: Efficiently assess, investigate, and manage security incidents throughout their lifecycle, determining root cause and impact.
• Log Analysis: Conduct comprehensive analysis of security logs and data to identify and correlate malicious activity.
• Incident Response Leadership: Lead incident response efforts, contribute to the development and maintenance of incident response plans, and coordinate effectively with relevant stakeholders.
• Technology Evaluation: Conduct thorough Proof of Concept (PoC) and Proof of Value (PoV) assessments of prospective security tools to determine their efficacy and suitability.
• Project Management: Apply project management principles to plan, execute, and monitor the implementation of security tools and strategic initiatives.
• Technical Communication: Articulate complex technical information clearly and concisely to both technical and non-technical audiences.
• Cross-functional Collaboration: Collaborate effectively with diverse teams to facilitate incident resolution and the implementation of security solutions.
• Continuous Improvement: Conduct post-incident reviews to identify lessons learned and recommend enhancements to prevent future occurrences.
• Security Tool Proficiency: Utilize tools such as EDR and SIEM for in-depth investigations and analysis.
• Availability: Respond to security incidents on a 24x7 basis during escalations and participate in a rotational on-call schedule, including weekends and public holidays.
• Additional Responsibilities: Undertake other cybersecurity-related tasks as directed by team leadership.