What are the responsibilities and job description for the Security Consultant position at ZealTech?
Security Consultant – Cyber Security Assessment Analyst
Austin, TX | Onsite Only | Contract
We are hiring a Security Consultant to lead supplier cybersecurity assessments, evaluate risk, and ensure compliance with security frameworks. This role focuses on assessing controls, advising leadership, driving remediation, and improving third-party risk processes. Must be able to work onsite in Austin.
Key Responsibilities
- Conduct cybersecurity control assessments and risk evaluations across global suppliers.
- Review and assess supplier security controls, strategies, BCP/DR plans, and threat exposures.
- Perform and complete annual supplier cybersecurity assessments.
- Independently plan and execute audits related to confidentiality, integrity, availability, and data protection.
- Ensure effectiveness of approved controls and drive remediation for previously identified risks.
- Advise business leaders on supplier information security risks and required actions.
- Provide subject matter expertise in third-party risk management (TPRM).
- Enhance and improve documentation, security processes, and assessment methodologies.
- Automate assessment tools and processes for cloud-based applications.
- Collaborate across global, cross-functional teams in a matrix organization.
- Manage multiple concurrent projects with strong attention to detail and execution.
Required Qualifications
- Bachelor’s degree in Engineering, Science, or a technical discipline.
- 7 years of hands-on experience in information security assessments or cyber audits.
- Deep understanding of IT controls, risk assessment methodologies, and audit principles.
- Strong knowledge of networking fundamentals and data protection concepts.
- Excellent analytical skills with the ability to interpret data and present clear conclusions.
- Familiarity with security frameworks such as ISO 27001, NIST CSF, and related industry standards.
- Experience with supply chain cybersecurity or third-party risk tools (preferred).
- Relevant certifications such as CISA, CISM (preferred).