• Deliver onsite & remote service related to configuring / prototyping GRC Access Control (ARA, EAM, ARM, BRM) and GRC Process Control
• Deliver onsite & remote service related to SAP NetWeaver Identity Management, SAP Single Sign-on, SAML, X.509 certificates
• Deliver onsite & remote service related to Security knowledge in Application Security (ABAP, HANA, JAVA) and Infrastructure Security
• Ability to assist customer in designing security approach(es) for their SAP on premise and Cloud environment(s), including SAP S/4HANA
• General knowledge of Fiori Artifacts, HANA and S/4HANA Security
• Scan target networks and systems with Fortify, open-source vulnerability scanners
• Design a plan of attack that can include exploiting software vulnerabilities, systemic vulnerabilities, social manipulation, or any combination of those factors
• Perform the research on cyber security criteria, security systems, and validation procedures
• Plan and design healthy security architectures for any IT project

Skills: GRC Configuration, Identity Management, Application Security, Security Strategy Design, SAP Security Knowledge, Vulnerability Assessment, Attack Planning, Cybersecurity Research

• Make recommendations for approval or denial of such request based on cybersecurity, privacy, and records management policy and guidelines.
• Evaluate SUIT client business strategy, and enterprise impacts based on evolving client requirements, and make recommendations for organizational changes to manage new SUIT requirements
• Provide consultative services to analyze, measure, and improve the SUIT processes, people, and tools that support the agency's Risk Management Framework (RFM) / Assessment and Authorization (A&A) Program.
• Interpreting and translating Federal data management enterprise policies, guidance, and directives to internal stakeholders
• Coordinating and participating in Working Group(s) and Joint Service Integrated Project Teams, consisting of US Military Services, Department of Defense (DoD), Civilian, and contractor staff
• Supporting the development of functional requirements, and coordination of functional requirements comprehension with technical teams
• Leading and facilitating client meetings
• Creating project status briefings and reports

Skills: Policy Recommendation, Business Strategy Evaluation, Consultative Services, Policy Interpretation, Working Group Coordination, Requirements Development, Client Facilitation, Project Reporting

• Participating in the design, implementation, maintenance and support of medium and large scale IT security solutions, in particular in the field of cyber security, covering people, processes and technology.
• Participate in the design, implementation and development of IT security processes, including security monitoring, data protection, vulnerability management, handling security incidents.
• Analysis of the organization, its processes, architecture and infrastructure in terms of IT security.
• Analysis of events and detected incidents in the area of IT security using dedicated tools in the area of security.
• Continuous improvement of knowledge and skills based on internal and external training programs.
• Understanding and implementing an architectural design
• Implementing security solutions such as Log management/SIEM platforms, Vulnerability Scanners, Antimalware & EDR, Whitelisting (Bit9), and keeping these platforms stable and operational.
• Perform version upgrades, security patches
• Working with customers (internal and external) to understand their requirements/needs
• Driving improvements, automation, optimization and implementing changes
• Support the process of designing and building the right solutions for the customers

Skills: IT Security Solutions, Security Process Development, Organizational Analysis, Incident Analysis, Continuous Improvement, Architectural Design, Security Implementation, Customer Collaboration

• Working with the company’s clients directly, traveling to client sites
• Use expertise to support and contribute to typical deliveries such as Design reviews, making sure the business adheres to security policies and frameworks (ISO27001, NIS Directive, etc.).
• Assisting with the delivery of client engagements to a high-quality and assisting with other areas of cybersecurity
• Working closely with their SOC, Penetration Testing team, and IT Infrastructure team
• Work across all business areas as well as 3rd party vendors to assess information security risk exposure.
• Working alongside subject matter experts within cybersecurity consultancy and use this expertise to build credibility with clients.
• Take part in IT security consulting or compliance related projects in various industry sectors as professional leader or team member. 
• Coordinating the work of junior colleagues under the supervision of managers
• Take part in the continuous monitoring and adapting the requirements of new legislations and regulations which have an impact on clients.

Skills: Client Engagement, Security Policy Compliance, Cybersecurity Delivery, Collaboration with SOC, Risk Assessment, Cybersecurity Expertise, IT Security Consulting, Team Coordination

• Maintains and continuously improves cybersecurity project delivery practices through the development, training, and implementation of standard practice guides, templates, and tools in alignment with the agency Enterprise Performance Lifecycle (EPLC).
• Manage the execution, implementation, and maintenance of cybersecurity projects of varying scope and size
• Develop and maintain all project management artifacts, including budget, management plans, charters, scope documents, and business cases
• Review technical approaches to ensure compliance with appropriate policies
• Monitor and report project status to stakeholders
• Coordinate with program personnel at multiple levels to achieve project objectives
• Prepare and update project-related documentation
• Develop Work Breakdown Structures (WBS) and project master schedules for individual projects
• Monitor project cost, duration, and assigned resources against baselines
• Coordinate and facilitate project meetings
• Develop and/or present reports and executive briefings on project status
• Maintain a Risk Register and proactively identify, track, mitigate, and communicate risks

Skills: Project Delivery Practices, Cybersecurity Project Management, Project Documentation, Policy Compliance Review, Stakeholder Reporting, Team Coordination, Risk Management, Executive Briefing

• Provide local coverage for vulnerability management, pen testing, application security, and cyber exercises
• Maintain relationships with local infrastructure and application development leadership
• Coordinate projects and activities local to the region to including coordinating and reviewing Qualys scans 
• Assisting out-of-region project managers with pen tests on assets owned in the region 
• Assisting application security team with application onboarding into the secure SDLC program 
• Scheduling and coordinating local cyber exercises for in-region management
• Protect from Industrial Espionage is a major threat to the Manufacturing Sector, secure operational information obtained from production systems, such as production and inventory data that is sensitive or valuable.
• Protect from Cyber spies from breach of network and avoid stealing of sensitive data by malicious actors, protection from third-party vendors who connect directly to the network via laptops or USB drives, bypassing traditional perimeter defenses like firewalls and IDS/IPS devices
• Engage with Army Cyber stakeholders to undertake requirements setting for deployability support system elements for Defensive Cyber Teams
• Undertake requirements setting activities for individual DCO mission system upgrades
• Undertake requirement-setting activities for Cyber Security Operations mission systems
• Cyber Security Consultant Responsibilities 
• Support DCO units in delivering unit updates by operational needs
• Support the establishment of an Infrastructure project for Simpson Barracks, as a component of the extant Base Estate Plan, or a new Land Cyber Base Estate Plan

Skills: Vulnerability Management, Penetration Testing, Application Security, Relationship Management, Cyber Exercises Coordination, Industrial Espionage Protection, Requirement Setting, Cybersecurity Consultation

• Work closely with the customer throughout the full deployment life cycle as the primary point of contact during planning, deployment, and post-implementation 
• Responsible for the delivery and ongoing success of the product
• Besides planning, deploying, responsible for consulting, expanding, and securing the customer's environment using the service.
• Acted as the trusted expert and advisor for customers and executive sponsors to drive product adoption and to ensure that the company offerings are utilized to its full business value
• Act as the voice of the customer and collect feedback to drive continuous improvement across all areas including product.
• Plan and oversee the execution of the privileged access management program, created and customized according to the customer's needs to ensure success in meeting the customer's Privilege Access Management goals.
• Guide the customer through both Privilege Access Management and Security best practices aimed at rapid risk reduction in the Customer Environment.
• Monitor and identify adoption and utilization trends, provide recommendations based on risk and customers’ needs
• Through usage and adoption analysis drive renewal of subscription, expansion, and product improvement.
• Collaborate with internal R&D and Product Management teams on service usage, user experience, automation, and other topics, influencing the product roadmap
• Deploy and configure with the customer the On-Premises Components, and integrate the service with the customer's environment
• Assume overall customer adoption responsibility act in a critical issue management role and assist the customers with service requests and technical issues.
• Delivering security vulnerability information to customers in a concise management report.
• Involvement in complex security testing programs.

Skills: Customer Relationship Management, Product Deployment, Security Consulting, Privileged Access Management, Risk Reduction Strategies, Subscription Renewal Management, Technical Issue Resolution, Security Vulnerability Reporting

• Performs reviews and assessments of organizational security controls (policies, processes, configurations) to verify they comply with applicable security standards
• Prepares reports that document findings from security assessments and testing
• Recommends security enhancements and research the latest IT security trends
• Learns and adapts to new technologies in the ever-changing world of Information Security
• Broad knowledge and experience in project management methodologies including waterfall and agile
• Establish security controls to ensure protection of client systems.
• Implement cutting-edge security tools for federal clients.
• Lead the development of a mature incident response program that is integrated across the business
• Organize and deliver incident response services on a cross-section of complex projects
• Delivering penetration testing engagements alone and as part of a team.
• Communicating with clients before, during, and after the technical testing is complete. This will be both via meetings and report writing
• Create comprehensive IT security concepts for complex environments
• Support customers in setting up IT security processes and obtaining IT security certifications
• Develop risk analyses for existing systems or systems to be planned
• Perform security risk analyses of production tools and machinery as well as production environments

Skills: Security Control Assessment, Report Preparation, Security Enhancements Recommendations, Incident Response Program Development, Project Management, Penetration Testing, IT Security Processes Implementation, Risk Analysis

• Derive cyber security requirements and recommendations for action according to regulatory requirements
• Assessing the efficacy of existing security measures and controls
• Carry out IT security analyses, assessments, and audits
• Develop the consulting portfolio and expand the area in cooperation with other teams
• Support the Technical Sales and offer preparation, perform trainings and workshops on cyber security topics
• Define the security and compliance requirements by ensuring the technical viability of the solution.
• Define technical rules that will guide the design, development, and implementation of the system,
• Review security specifications and requirements in collaboration with the technology architect,
• Produce security deliverables and risk assessments for projects that may also use cloud services,
• Follow up on the security mechanisms in place and ensure the protection of IT assets,
• Participate in the evolution of strategies, frameworks, objectives, and orientations of IT security,
• Provide support to stakeholders regarding operational security strategies
• Design, evolve and document the mechanisms, tools and procedures used to perform effective IT security management
• Participate in the evaluation of efforts and costs with the project manager.

Skills: Cybersecurity Requirements Derivation, Security Measures Assessment, IT Security Audits, Consulting Portfolio Development, Technical Sales Support, Security Specifications Review, Risk Assessment Production, IT Security Management Documentation

• Conduct applied research to develop new technologies including topics such as automated security testing, automated security hardening, and efficient security monitoring
• Apply research results in projects with Siemens business units and Siemens IT worldwide by designing and implementing proof-of-concepts and prototypes.
• Provide technical security consulting to responsible managers and experts from Siemens’ business units and support their cybersecurity risk management.
• Manage internal research and consulting projects
• Collaborate with national and international partners, both internally and at universities and research institutions.
• Actively share know-how within Siemens and supervise interns and working students.
• Support in cybersecurity incident and vulnerability handling.
• Support in the definition and development of story around cybersecurity for SIDRIVE IQ to facilitate G2M and sales in alignment with responsible Cybersecurity Manager.
• Establish, align, and implement measures to expedite organizational processing of cybersecurity requirements at point of sale (direct sales, promotors, distributors, etc).
• Support in generation and update of required documentation and tools for sales support (e.g. whitepapers, assessment tools, certifications).
• Support in design and supply of SIDRIVE IQ system architectures according to required standards such as IEC 62443, NIST.
• Support projects as a Cybersecurity Expert in secure services for Siemens LDA within EMEA and other regions.
• Support with implementation of cybersecurity measures on behalf of the Cybersecurity Manager.
• Preparation and auditing for Cyber Essentials
• Regular security status updates, KPI and risk reports to the Cybersecurity Manager.

Skills: Automated Security Testing Development, Technical Security Consulting, Cybersecurity Project Management, Research Collaboration, Cybersecurity Incident Handling, Documentation Generation, System Architecture Design, Risk Reporting

• Assist in the development of the Security Consulting Team
• Know and identify customer requirements and set yourself up as a Trusted Advisor
• Implement or improve cyber security management strategy and processes at the customer organization
• Support and plan Penetration Tests and Digital Forensics measures for customers
• Develop cyber security Frameworks, based on industry best practices as well as international and applicable national standards
• Act as a Subject Matter Expert to the customers for cyber security
• Providing input to and/or crafting specialist points of view for the market and where appropriate presenting at industry events.
• Collaborating with a broad range of colleagues and client staff across both technical and non-technical areas
• Maintain an agreed set of enterprise architecture artifacts.
• Provide specialist guidance on the interpretation and application of policies and procedures, resolving complex or contentious queries and issues and enabling others to take appropriate actions.
• Collect business requirements using a variety of methods such as interviews, document analysis, workshops, and workflow analysis to express the requirements in terms of target user roles and goals.
• Maintain an agreed set of artifacts and lead business process mapping and efficiency work, including methodology and approach, workshop facilitation, and maintenance of appropriate business process and enterprise-wide requirements, to support the wider change agenda.
• Design and implementation of Security and/or Segregation of Duties measures in SAP
• Develop training material for client use

Skills: Security Consulting Development, Trusted Advisor Engagement, Cybersecurity Management Strategy, Penetration Testing Support, Cybersecurity Framework Development, Subject Matter Expertise, Business Requirements Gathering, Security Measures Implementation

• Initiate and accompany projects for customers
• Plan and conduct cyber security assessments
• Promoting cyber security policies, standards, and procedures and assist business and project teams to embed these across the organization
• Providing cyber security advice, identifying, recording, and providing advice regarding cybersecurity-related risks, issues, incidents, and mitigating actions
• Collaborating with AAL IT and Security Operation teams, contributing towards delivering the Cyber Strategy
• Collaborating and liaising with the Cyber Security community, locally and globally, to effectively manage threats and vulnerabilities within the environment
• Assisting with incident response and investigation
• Completing cyber threat and risk assessments, monitoring emerging technologies, and making recommendations to ensure AAL continues to be protected against emerging threats
• Engaging with stakeholders and providing expertise in identifying security issues for both existing system designs and projects
• Be responsible for the development and implementation of integrated cybersecurity strategies in the field of digital transformation, Industry 4.0, and IoT
• Process optimization and rollout for information security and product development processes (IAM, risk management, personnel security, etc.)
• Analysis and optimization of organizational structures and security governance processes following established industry standards
• Project and program management in the realm of cybersecurity strategies and solutions
• Participate in global LDA cybersecurity community.

Skills: Project Initiation, Cybersecurity Assessment Planning, Policy Promotion and Implementation, Cybersecurity Risk Advisory, Incident Response Support, Risk Assessment, Integrated Cybersecurity Strategy Development, Security Governance Analysis

• Experience in leadership with successfully completed projects in the field of ICT and Information Security governance.
• Demonstrated cybersecurity technical experience in leading big cybersecurity projects
• Professional experience in working with international organizations and public authorities 
• Demonstrated expertise in elections.
• Experience in leading and the delivery of customer engagement on time and on budget in a consulting /professional services environment
• In depth knowledge of specific Cybersecurity product technologies or vendor offerings with extensive knowledge of risk methodologies and frameworks.
• Design and implementation experience across multiple technologies
• Experience working with a wide range of customers, technologies and architectures
• Experience in assessing Cyber Security tools
• Experience in implementing Cyber Security solutions
• Experience in authoring technical documents

Qualifications: BS in Cybersecurity with 5 years of Experience

• Relevant experience delivering IT infrastructure projects with a focus on cyber security across on-premise and/or other cloud-based solutions, primarily on Azure, however AWS, GCP 
• Good knowledge of traditional infrastructure, networks, and best practice security regarding either incident response, threat intelligence, computer forensic, or Malware analysis
• An aptitude for troubleshooting, identifying issues, and designing solutions in tight timeframes
• Efficient understanding of the layout of the development, testing, and production environment
• Relevant certifications within Azure and/or AWS, combined with project experience from transformation projects
• Program/project management and/or cybersecurity-related experience
• Prior experience in the energy sector and/or at DOE
• Expert computer skills with Microsoft applications (Project, Word, Excel, PowerPoint, and Visio)
• Excellent verbal, interpersonal, and written communication skills
• Strong technical, analytical, organizational, and problem-solving skills
• Self-motivated, energetic, quick, adaptive learner

Qualifications: BS in Information Technology with 8 years of Experience

• Direct experience managing or ensuring systems' compliance with Federal ISM RMF / A&A requirements
• Strong interpersonal, written, and oral communication skills
• Must be a self-starter with the ability to work effectively independently and in team settings including close collaboration with program managers
• Proven ability to support multiple projects simultaneously in a deadline driven process
• Experience in building and managing client relationships
• Proficiency in the Microsoft Office Suite (including Microsoft Project, Visio, and SharePoint)
• Ability to develop and cultivate strong customer relationships
• Team player with the ability to work in a fast-paced environment
• Ability to interface with the client and build business relationships

Qualifications: BS in Computer Science with 4 years of Experience

• Experience within Information Technology or Computer Science broadly, with a background in one or several of the following: Network Implementation, IT Systems Administration, Database Administration, or Software Development.
• Experience within Cybersecurity, with one or several of the following focus areas: Identity Management, Network Security, Vulnerability Management, Application Security, or Security Operations.
• Demonstrated ability to methodically analyze problems and identify solutions.
• An ability to adjust positively to quickly changing priorities and shifting goals.
• Possess technical writing and communication skills.
• Show discretion when interacting with customers and vendors.
• Previous security-related consulting experience.
• Be adept at dealing with ambiguity, thinking on one’s feet.
• Schedule and deliver tasks in a timely manner.
• Thrive in a fast-paced, small-team atmosphere.

Qualifications: BS in Information Security with 6 years of Experience

• Experience working with network infrastructure and/or infrastructure security
• Experience in technical consulting
• Experience in working with pre-sales and sales teams in defining Scope of Work (SoW)
• Experience conducting cybersecurity assessments (e.g. Asset inventory, security posture, vulnerability analysis, basic security controls)
• Experience working with several IACS vendors technologies (DCS, PLC, SIS, SCADA, IED)
• Knowledgeable of emerging OT Security frameworks and standards including NIST CSF, NIST SP 82R2, IEC-62443, ISA 99 and NERC CIP
• Relevant experience and demonstrable knowledge and understanding of network and system security
• Strong inclination towards and awareness of cybersecurity trends and practices
• Well-informed of system security design and implementation methodologies
• Excellent communication skills and ability to work independently and within cross-functional teams.

Qualifications: BS in Computer Engineering with 7 years of Experience

• CISSP, CISA, and/or CISM certification 
• Accreditation for an industry penetration testing certification preferred (e.g. CPTE, CPTC, GPEN, or CEH)
• Experience in information security, ideally within a professional services environment or internal consultancy function delivering cybersecurity-related services
• Strong knowledge of enterprise technologies, especially networking principles and internet-based technologies, with self-motivated learning ability
• Hands-on experience conducting network scanning and penetration testing 
• Experience with security testing tools is an advantage
• Knowledge of IT security vendor products is an advantage
• Experience in financial services and excellent written and verbal communication skills in English and Chinese
• Strong interpersonal skills with a demonstrated ability to gain the confidence and respect of senior-level executives
• Strong client services orientation and accustomed to taking an active role in executing client engagements
• Level of English (according to Europass CV Classifications), both written and spoken: B2
• Motivation and availability to follow projects and activities abroad (mainly in Europe) for 1-2 years
• Work experience within Aerospace and Defense sector/customer
• Ability to obtain and maintain a Personal Security Clearance (PSC)

Qualifications: BS in Cybersecurity with 4 years of Experience 

• Consulting experience with cybersecurity solutions/services.
• Technical background in cybersecurity assessments or red team engagements.
• Familiarity with cybersecurity control baselines and frameworks, such as OWASP, PTES, Mitre ATT&CK, NIST 800-53, or CIS benchmarks.
• Red team-related certifications and strong communication as well as presentation skills
• Fluent in both written and spoken English.
• Strong ability to identify, analyze, and resolve problems, driving solutions through to completion
• Personal Security Clearance available or already obtained in recent years
• Good communication and interpersonal skills and teamwork and coaching attitude
• Analytical and problem-solving attitude
• IT Governance and/or IT Security certifications (ISO 27001 Lead Auditor, COBIT, CISA, CISSP, CISM, CRISC, CSX, GSEC, ITILetc.) will be considered a plus
• Theoretical knowledge of the main architectures and security technologies (DLP, SIEM, IDS, IPS, Firewall, Antivirus, Proxy, NAC, Data Masking & Tokenization, PKI, etc.)
• Excellent knowledge of the English language
• Have passion for Information Security

Qualifications: BS in Computer Science with 5 years of Experience 

• Experience advising foreign governments or militaries
• Experience working in Asia Pacific on defense or national security projects
• Experience developing cybersecurity and cyber defense strategies, policies, or procedures
• Experience working either on Joint Staff or another Major Staff or within the Office of the Secretary of Defense or equivalent cyber-responsible office in the Department of Defense
• Experience in establishing and institutionalizing cyber programs and processes inclusive of the management structure, procedures, and skills necessary to develop defense or national security plans in the cyber domain
• Knowledge of cybersecurity challenges in emerging market
• Ability to obtain and maintain a Secret security clearance
• Experience with conducting negotiations in a business or advisory setting or formal training in negotiations
• Experience in cyber defense and IT security at the national and inter-ministerial level
• Experience in leading cybersecurity capacity-building initiatives in a bilateral and/or multilateral environment
• Good communication, presentation, and written skills in English
• Excellent team player and self-starter

Qualifications: BS in Information Technology with 10 years of Experience 

• Excellent writing and verbal communication skills
• Experience with cloud security concepts
• Experience with data protection and data classification on Cloud
• Knowledge of cloud resiliency processes and tools
• Strong understanding of Segregation of Duties (SOD) frameworks, sensitive access management and enabling integration with privileged access management
• Knowledge of cloud governance and audit procedures
• Knowledge of DevSecOps and Cloud automation
• Experience with cloud configuration compliance monitoring and management
• Experience with data flow diagrams and data loss prevention tools is a plus
• Strong understating of Single Sign-on (SSO), Multi-factored authentication (MFA), and integration with enterprise identity management tools and processes
• Strong project management and organizational skills
• Commitment to gaining exposure in multiple industries
• Contribute to a strong client relationship through interactions with client personnel the broader impact of current decisions
• Facilitate the use of technology-based tools or methodologies to review, design and/or implement products and services

Qualifications: BS in Computer Science with 6 years of Experience 

• Solid experience with making IT security risks/requirements understandable for IT and Business Solution Architects.
• Collaborative approach and ability to build and maintain good working relationships across the professional spheres and management levels in an organization.
• Experience and experience with several of the IT security and risk standards e.g. ISO 2700x, NIST CSF, and CIS, and ensuring compliance with these.
• Good communication skills both orally and in writing.
• Deep technical knowledge of Cyber, Security, and how an adversary might exploit a vulnerability
• A strong understanding of how threats work and understand the risk.
• Previous experience integrating technical standards into technical architecture
• A strong understanding of the NIST framework and ISO27005
• Experience in high-level security projects in a business environment.
• Knowledge of business security management and protocols.
• Experience working in an ISO27K environment and familiarity with the requirements.
• Experience in authoring technical documents
• Demonstrated ability to brief stakeholders and senior leaders

Qualifications: BS in Network Security with 7 years of Experience 

• Experience in assessing Cyber Security tools
• Experience in implementing Cyber Security solutions
• Must hold a current and valid industry Information System Security certification (Security+, CSA+, C|EH, CISSP, etc.)
• Experience with Splunk, WireShark, FireEye, etc.
• Stakeholder coordination and engagement
• Experience in a consultancy company, ideally on different projects and customers
• Experience in project effort and cost estimation, as well as junior resources coordination
• Good knowledge of information security concepts, ideally an IT security certification (Comptia+, CEH, CISA)
• Familiarity with IT security systems/products in at least one security subject area, e.g. transaction monitoring, SIEM, identity and access management, network security, application security
• Good knowledge of networking - need to be able to understand a large architecture and evaluate for threats
• Experience working in Agile, Lean, and/or Continuous Delivery approaches and best practices, such as Continuous Integration and TDD
• SIEM experience (LogRythm, LogPoint, AlienVault, Darktrace, or equivalent)
• Strong interest in security, networking, cloud, and engineering – stay up to date on the latest developments
• Hands-on experience in cyber security assessment, system automation projects, programming, and system administration (Windows/Unix/Linux, Network devices, etc)
• Experience in security technologies, practices, application/network/systems architecture and design, tests tools and processes

Qualifications: BS in Information Security with 10 years of Experience 

• Strong cyber security skills and knowledge
• Strong knowledge of cyber security best practices and recent developments
• Strong critical thinking skills
• Strong attention to detail - can independently deliver solutions
• Commercial experience in security and leadership positions
• Experience working in a fast-paced environment eg. start-ups, scale-ups, medium-sized businesses
• Knows when to ask questions, accept knowledge gaps, and seek help 
• Comes from a technical background and can code and evaluate code for security risks
• Experience in running exploits, verifying vulnerabilities, etc. – not expected to do as part of the role but the resulting knowledge is useful in many other areas of the role
• Quickly evaluate whether a solution and have experience with Cloud 
• Experience working with ISO 27001 compliance and audits
• Experience working with and delivering the SOC 2 compliance and certification
• Experience with conducting, evaluating, and sourcing penetration tests
• CREST Registered Penetration Tester (CRT) or Offensive Security Certified Professional (OSCP)
• Familiar with Cyber Security standards (ISO 27001, IEC 62443, NIST)

Qualifications: BS in Software Engineering with 7 years of Experience