Senior Cybersecurity Consultant in the Financial Sector (Future project)

Role: Senior Cybersecurity Consultant – Financial Sector

Overview:

The Senior Cybersecurity Consultant leads the design, implementation, and improvement of security strategies in highly regulated financial environments. They act as a technical reference for internal and external clients, providing expert advice on regulatory frameworks (such as PCI-DSS, NIST, ISO 27001), risk assessment, threat monitoring, and strengthening controls. This role combines advanced technical capabilities, compliance management, and consultative leadership, aimed at improving the security posture and reducing operational risks.

Key Responsibilities:

• Advise clients in the financial sector on the adoption of cybersecurity controls aligned with frameworks such as PCI-DSS, NIST CSF, MITRE ATT&CK, and ISO 27001.
• Lead risk assessments, gap analyses, technical audits, and the development of remediation plans.
• Coordinate with SOC, infrastructure, GRC, and compliance teams to ensure the effective implementation of security controls.
• Design and implement monitoring, incident response, hardening, and access control strategies.
• Participate in the definition of secure architectures (on-premise and cloud), vulnerability analysis, and business continuity plans.
• Support the development of policies, procedures, and documentation required for audits or certifications.
• Support selection and implementation processes for cybersecurity tools (SIEM, EDR, DLP, FIM, etc.).
• Provide training, awareness workshops, and mentoring to technical and non-technical teams.

You will be successful in this role if you have:

Required Profile:

• Professional in Systems Engineering, with a postgraduate degree focused on cybersecurity.
• 10+ years of experience in information security, with at least 3 years in the financial sector.
• Advanced knowledge of PCI-DSS, NIST, ISO 27001 regulations, and experience in compliance audits.
• Practical experience in designing secure architectures, risk analysis, and incident response.
• Ability to lead projects, generate executive deliverables, and communicate effectively with technical and business areas.

Desirable:

• Certifications such as CISSP, CISM, CISA, CRISC, ISO 27001 Lead Implementer/Auditor.
• Knowledge in cloud security (AWS, Azure), control automation, and GRC tools.
• Consulting experience for financial entities, fintechs, or digital banking.