724 - Cybersecurity Consultant

We need an English-fluent Cybersecurity Consultant, based in Latin America, available to work remotely.
We are looking for someone with exceptional communication and relationship-building skills, who embraces changes while maintaining strong attention to detail. An interested and proactive person, who's constantly learning and improving their skills.

Are you the one we are looking for?

Responsibilities:

• Perform assessments to identify gaps in the PCI DSS compliance process, and provide actionable recommendations to ensure adherence to PCI DSS standards.
• Conduct risk assessments in alignment with industry standards and frameworks such as NIST CSF/800-171, ISO 27001, CIS CSC, HIPAA, and others, identifying potential vulnerabilities and providing solutions to mitigate them.
• Assist clients in developing and enhancing their IT security programs and policies to meet both regulatory requirements and business objectives.
• Evaluate IT infrastructure and applications for vulnerabilities, assessing the risks associated with them and providing recommendations to mitigate those risks.
• Review existing IT controls to ensure they are functioning effectively and mitigating risks, identifying areas for improvement and implementing corrective actions.
• Develop comprehensive reports and deliverables that outline findings, risk assessments, recommendations, and compliance status for clients, ensuring clear communication of technical details in a business context.
• Work closely with clients to ensure they are informed throughout the assessment process, addressing any concerns and delivering results that align with their business goals.

Requirements:

• 8+ years of experience in cybersecurity.
• PCI DSS Professional (QSA, ISA)
• CISSP (Certified Information Systems Security Professional)
• CISA (Certified Information Systems Auditor)
• CISM (Certified Information Security Manager)
• ISO 27001 Lead Auditor
• NIST Cybersecurity Framework (NIST CSF) knowledge
• Other industry-specific certifications such as HIPAA, SOC 2, etc.
• Strong understanding of cybersecurity principles, frameworks, and standards.
• Proficiency in conducting assessments, audits, and reviews for various compliance and security frameworks.
• Excellent written and verbal communication skills, with the ability to present technical findings to both technical and non-technical stakeholders.
• Ability to work independently and as part of a team in a fast-paced, dynamic environment.
• Strong problem-solving and analytical skills, with the ability to identify and mitigate complex security risks.