The Cyber security consultant should have experience with the following:

• Direct, hands-on experience or strong working knowledge of managing security infrastructure - e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology 
• Verifiable experience reviewing application code for security vulnerabilities 
• Direct, hands-on experience or a strong working knowledge of vulnerability management tools
• Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services. 

Full-stack knowledge of IT infrastructure

• Applications 
• Databases 
• Operating systems 
• Windows, Unix and Linux Hypervisors 
• IP networks — WAN and LAN 
• Storage networks — Fibre Channel, iSCSI and NAS 
• Backup networks and media 

Regulations, Standards and Frameworks 

• Payment Card Industry Data Security Standard (PCI-DSS) 
• Sarbanes-Oxley 
• General Data Protection Regulation (GDPR)
• Privacy Practices
• ISO 27001/2 
• NIST Cybersecurity Framework (CSF)

Experience

• 3+ years of relevant experience 
• The consultant should have proven experience in handling common security tools like anti-malware tools, firewalls, cloud security (Azure or AWS preferred), DLP, Email security etc 
• Well versed in threat assessment and risk management frameworks 
• Proficiency in project management and multi-tasking under pressure environment 
• Proven experience in security Incident handling (preferably experience of SOC environment) 
• Proven experience in handling penetration testing engagements 
• Extensive technical knowledge of security, network infrastructure, and server platforms 
• Understand and knowledge of the current security trends, threats, attack vectors etc 
• Industry security certifications preferred