The Sr Security Consultant is responsible for monitoring, analyzing, and responding to security incidents using SIEM and other security tools. They play a critical role in maintaining endpoint and network security, managing access controls, supporting vulnerability and patch management, and ensuring compliance with ISO 27001 and other standards. The role includes regular system hardening, firmware updates, configuration backups, and documentation. The engineer also assists with audit readiness, contributes to threat hunting, and collaborates with internal teams to maintain a secure IT environment.
Key Responsibilities:
· Perform triage and investigation of security events and escalate to infosec lead when needed.
· Conduct daily health checks on firewalls, endpoints, security appliances, and SIEM systems.
· Support and manage endpoint protection platforms, email security, and web filtering systems.
· Participate in threat hunting activities and analyse suspicious activities or anomalies.
· Coordinate and support vulnerability assessments and ensure timely patch compliance.
· Maintain system hardening, secure configurations, and adhere to CIS benchmark standards.
· Ensure security controls and processes align with ISO 27001, NIST, and other relevant frameworks.
· Assist in preparing and participating in internal and external ISO audits.
· Prepare and maintain accurate and up-to-date security process and documentation, audit logs, SOPs, and reports.
· Perform regular configuration backups and firmware updates for security infrastructure.
· Administer and maintain IAM, MFA, and PAM systems to ensure secure access controls.
· Collaborate with infrastructure and application teams to support secure system operations.
· Respond to audit findings, implement remediation steps, and ensure closure of compliance gaps.
· Contribute to security awareness by documenting incidents, lessons learned, and procedures.
· Participate in 24/7 on-call rotation or scheduled maintenance windows when required.
Required Skills and Experience:
TECHNICAL SKILLS /COMPETENCIES:
MANDATORY
· Experience working with enterprise firewalls such as Palo Alto, Fortigate, Cisco ASA/FTD
· Strong hands-on knowledge of SIEM tools (e.g., Splunk, QRadar) for log monitoring and threat detection
· Exposure to endpoint protection platforms such as CrowdStrike, SentinelOne, or Microsoft Defender
· Hands on experience with VPN, NAC, and network security policies
· Hands on experience with WAF – F5 ASM, Barracuda
· Working knowledge of Vulnerability Management tools like Nessus or Qualys
· Proficiency in managing Identity and Access Management (IAM), including MFA and Privileged Access Management (PAM)-CyberArk
· Practical experience with ISO 27001 audits, security documentation, and compliance reporting
· Skills in security hardening and application of CIS benchmarks
· Ability to perform firmware upgrades, backup configuration, and system maintenance
· Understanding of email security gateways (e.g., Proofpoint, Mimecast) and web proxy solutions (e.g., Forcepoint, Zscaler)
OPTIONAL
· Cloud security experience (Azure, AWS, or GCP):
· PAM - Delinea
· Antivirus Symantec
· Cloud firewall configurations
· IAM policies for cloud resources
· Monitoring and logging in cloud environments
· Basic scripting and automation for SIEM/SOAR workflows
· Experience in hybrid or multi-cloud security implementations
SOFT SKILLS:
MANDATORY
· Strong analytical and problem-solving ability
· Excellent written and verbal communication
· Clear and accurate documentation skills
· Team player with ability to work across departments
· High attention to detail and proactive security mindset