Security Consultant – Insight

Job ID: 001608LONSCIN

Location: London, UK

Salary: Competitive

Logic Bounce is an independent research-driven and insight-led security consultancy founded in 2013 with offices in Europe, Asia and North America. In a rapidly changing technology landscape, innovation is essential and we believe passionately that the surest way to run out of new ideas is to hold too tightly onto old ones. In an era of digital disruption and transformation, cybersecurity is the essential component that ensures that companies have the confidence to implement digital processes and technologies to drive innovation and growth. We offer a complete portfolio of services to help identify threats and risks, define strategy, deploy the right technologies, develop capabilities and ensure operational readiness to enable business through security. We have the ability to address the needs at a strategic program level, at the operational project level and at all levels in between.

Role Overview

We are looking for a Security Consultant – Insight with strong experience in Technology, Security, Governance, Risk, and Compliance and the ability to travel up to 75%. At least one security certification (CISSP, CISM, CISA) is required, and holding a PCI QSA would be a plus.

This individual will be responsible for assessing technical, administrative and physical controls based on various regulations or standards at client sites. Ideally, the candidate should have an IT infrastructure, administration and security background, and excellent communication skills.

Role Responsibilities

  • Perform Technical and Security Compliance Assessments and other client work related to our professional services offerings
  • Create and recommend remediation for components of security policies, procedures, processes, and standards
  • Provide guidance and recommendations for technical security controls
  • Provide specific recommendations for business or technical issues
  • Create detailed, professional documentation to be delivered to customers both in written and verbal formats
  • Work on multiple projects concurrently, manage time effectively, and require minimal supervision in the execution of projects

Logic Bounce expects its employees to understand and apply commonly known security practices and possess a working knowledge of applicable industry controls such as NIST 800-53. Employees will be expected to acknowledge their security responsibilities in writing prior to gaining access to company systems. Employees will be required to maintain a working knowledge of local security policies and execute general controls as assigned.

Qualifications

  • Experience with security tools such as Nmap, Metasploit, Kali Linux, Burp Suite Pro, etc., as well as various other commercial and self-developed testing tools
  • 5+ years of experience leading penetration testing, application testing, and red team engagements
  • Experience with scripting languages such as Python, Ruby, POSIX shell, as well as familiarity with programming languages such as C/C++/ObjC/C#, Java, PHP, or .NET
  • Experience with WLAN security concepts and testing
  • 10+ years of Information Technology, Security and Compliance experience required
  • Bachelor’s degree required, preferably in computer science or information systems
  • While experience in a number of IT disciplines may provide a solid framework for this position, hands-on results from performing IT risk assessments, information security consulting or IT audits are most beneficial
  • Experience in the following regulations and Frameworks: PCI, ISO 27001/2, HIPAA, GLBA, NIST
  • Knowledge and experience with security technologies, processes, and methodologies such as:
    • Risk Assessment and Risk Management
    • Change Management
    • Logical, Physical, and Administrative Access Controls
    • Physical Security
    • Encryption (in relation to compliance)
    • Malicious Code: Detection and Response
    • Systems and Software Development Life Cycle
    • Personnel Security
    • Media Controls
    • Audit, Logging, and Monitoring Controls
    • Vendor Management
    • Intrusion Detection and Response
    • Business Continuity / Disaster Recovery
    • IP Network architecture and technology, protocols, routing
  • Unquestioned integrity and personal ethics; willingness to provide feedback in challenging situations
  • Experience working with complex, sophisticated clients
  • Strong networking and negotiating skills; strong analytical capabilities and a desire to learn new things
  • High energy level, comfortable performing multifaceted projects in conjunction with day-to-day activities; resourceful and well organised
  • Able to work on multiple projects concurrently, manage time effectively, and require minimal supervision in the execution of a project
  • Technical or professional certifications (CISSP, CISA, CISM, QSA)
  • Candidates hold or could obtain a Government security clearance

Logic Bounce is committed to the principle of equal employment opportunities for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Logic Bounce are based on business needs, job requirements and individual qualifications, without regard to race, colour, religion or belief, national, social or ethnic origin, sex, age, physical, mental or sensory disability, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status or any other status protected by the laws or regulations in the locations where we operate. Logic Bounce will not tolerate discrimination or harassment based on any of these characteristics. Logic Bounce encourages applicants of all ages.