Consultant

1. Vulnerability Assessment
Expertise in VA tools (Tenable, Qualys, Nessus). Strong knowledge of network protocols, OS (Linux, Windows).Experience with network device scanning, perimeter, and internal systems. Knowledge of CVE databases and security standards.

2. Penetration Testing
Expertise in PT tools (Metasploit, Burp Suite, Nmap). Knowledge of system and network exploitation techniques. Proficiency with OWASP Top 10, SANS 25. Strong communication skills for risk mitigation.

3. Security Analysis
Experience in vulnerability management and remediation. Strong communication and collaboration skills. Proficiency in analytics and prioritizing vulnerabilities. Knowledge of compliance standards (GDPR, HIPAA).

4. Threat Intelligence & Impact Assessment
Expertise in threat intelligence tools. Knowledge of vulnerability assessment and impact analysis. Experience with the MITRE ATT&CK framework. Strong analytical and communication skills.

5. Quality Assurance
Expertise in QA processes for security assessments. Experience with defining and measuring security quality metrics. Proficiency in project management and reporting tools.

6. Compliance
Expertise in compliance frameworks (PCI-DSS, ISO 27001, NIST).
Experience in automating compliance reporting. Knowledge of system tracking tools and compliance assessments.

7. Hardening Guidelines
Expertise in system hardening standards (CIS Benchmarks, NIST).
Knowledge of OS hardening (Windows, Linux) and network device configuration. Experience in conducting configuration reviews and audits.

8. Security Product Configuration
Expertise in configuring and reviewing security products (firewalls,IPS, IDS, SIEM, DLP). Experience with security best practices (ISO 27001, NIST). Knowledge of network security and application security standards.

9. Enterprise Operational Security
Strong understanding of enterprise security policies and standards (ISO 27001, NIST). Expertise in managing security systems (firewalls, SIEM, DLP). Experience in policy review and security architecture design.

10. Legal and Compliance
Expertise in legal and regulatory requirements (GDPR, HIPAA, PCIDSS, IT Act). Knowledge of compliance frameworks and impact analysis. Experience with operational security policy design and review.

11. Security Policy & Process
Expertise in security governance, risk management, and compliance (GRC). Experience with designing and maintaining security policies.
Knowledge of cybersecurity regulations and industry standards (ISO 27001, COBIT).