Job Title:  Consultant I Cyber - Enterprise Security, Cyber Defense & Resilience

Job requisition ID:  81430
Date:  Apr 22, 2025
Location:  Colombo
Designation:  Consultant
Entity:  DASPL

Key Responsibilities

  • Act as an escalation point for engagement delivery issues.
  • Demonstrate understanding of complex business and information technology management processes.
  • Play a lead role in client retention, relationship building, and communication.
  • Act as the lead for multiple client accounts in the Cyber Risk Management space.
  • Conduct and oversee Vulnerability Assessment and Penetration Testing (VAPT) for networks, web applications, APIs, cloud environments, and mobile applications.
  • Perform in-depth Application Security assessments, including secure code reviews and static & dynamic analysis.
  • Assess and enhance API Security by identifying vulnerabilities and recommending security best practices.
  • Conduct Configuration Reviews for infrastructure, cloud environments, and enterprise applications to identify misconfigurations.
  • Plan and execute Red Team Assessments, simulating real-world attack scenarios to evaluate and strengthen security defenses.
  • Develop and execute Social Engineering techniques such as phishing simulations and physical security tests.
  • Stay up to date with emerging security threats, attack techniques, and industry trends to improve the attack surface management program.
  • Provide mentorship and guidance to junior security professionals in the team.
  • Develop reports and present security findings to key stakeholders.

Required Qualifications & Skills

  • Degree holder with 4+ years of experience in cybersecurity, with a strong focus on attack surface management, penetration testing, and red teaming.
  • Ability to define the business and technical scope of a project.
  • Should be able to independently lead delivery teams to deliver projects according to client specifications after such scope is defined.
  • Leadership & Collaboration: Experience in managing multiple projects covering the full life cycle of project management starting from proposal, orals presentation, project planning and management, deliverables review, final client presentation and project closure.
  • Technical Expertise: Hands-on experience in network & web application penetration testing, API security, and application security assessments.
  • Red Team Skills: Strong knowledge of adversary simulation, lateral movement techniques, social engineering, and physical security assessments.
  • Tools & Techniques: Proficiency in security tools like Burp Suite, Metasploit, Nmap, Nessus, BloodHound, Cobalt Strike, Empire, etc.
  • Cloud Security: Experience in securing cloud environments (AWS, Azure, GCP) and assessing cloud attack vectors.
  • Certifications (Preferred): OSCP, OSWE, CISSP, CISM, GWAPT, CRTP, CRT, or other relevant security certifications.
  • Strong Communication Skills: Ability to convey complex security findings to both technical and non-technical stakeholders.