CENSUS is an internationally acclaimed Cybersecurity services provider. We support the needs of multiple industries, providing IT and OT security services to public and private organizations around the world, ranging from financial institutions and critical infrastructure to automotive and secure communications, including Fortune 500 companies. Powered by cutting-edge research, scientific analysis and in-depth engineering experience across various industries & technologies, CENSUS delivers unparalleled security consulting & assessment services for products (software, services, devices, and large-scale platforms), infrastructure, and organizations.

Learn more about CENSUS at census-labs.com.

About the Job / Key Responsibilities

We are looking for talented & ambitious professionals to grow our Cyber Security Advisory Services team and join our ongoing mission to deliver in-depth and top-tier cybersecurity services to our valued clients. As part of this role, you will use your knowledge and experience to help clients across various industries achieve compliance with desired cyber security standards, execute risk assessments, and create prioritized action plans for the improvement of their cyber security posture. You will work side-by-side with our clients’ development and security teams as well as partners, to provide strategic cyber security consulting services under engagements and projects that involve:

· Cyber security risk assessments and risk analyses.

· Gap analyses against cyber security standards such as ISO/IEC 27001, PCI DSS, DORA, NIS2, SOC2, etc.

· Creating a strategic roadmap for improving cyber security posture, based on a prioritized action plan.

· Development of cyber security policies, processes, and procedures.

· Reviewing security architecture designs, identifying missing security controls, and driving analysis for security improvements.

· Threat modeling.

· Researching, reviewing, comparing, and proposing technologies that can satisfy the client’s established requirements, and aligning with their strategies.

· Application security maturity assessments.

· Cloud security architecture assessments.

· Providing consultation to our internal product security and organizational security teams.

Essential Qualifications

· MSc or BSc. in Electrical Engineering, Computer Science, Computer Engineering, or equivalent practical experience.

· Postgraduate degree in Information Security will be considered a plus.

· 2+ years of experience in a cyber security role.

· Proficient in English (written and spoken).

· Eagerness to expand knowledge in new areas and learn new standards and methodologies.

· Excellent communication and technical writing skills.

· Ability to document and present cybersecurity risks in both technical and business-oriented language.

· Ability to self-organize time to reach strict deadlines.

Desirable Knowledge

Knowledge or familiarity of some of the following areas will be considered a plus:

· Knowledge of key aspects of risk management: analyzing potential risks, determining risk appetite, identifying threats, assessing vulnerabilities, and proposing appropriate mitigating controls.

· Familiarity with international cyber security standards such as ISO/IEC 27001, ISO 22301, PCI DSS, NIS2, DORA, PCI SSF, GDPR, etc.

· Familiarity with cloud platform security architectures of the three major cloud service providers (Azure, AWS, GCP), related features and technologies.

· Experience in identifying and understanding the severity of security vulnerabilities in diverse environments (e.g. OWASP Web Top10 vulnerabilities, data encryption issues, incorrect use of transport layer protections, insecure configurations, improper secrets management, etc.).