Cybersecurity Consultant

The Cybersecurity Consultant is responsible for delivering cybersecurity advisory, governance, risk, and compliance services across enterprise, government, and critical infrastructure customers throughout the MENA region. Operating within ZainTECH’s Cybersecurity Advisory Services practice, the role helps organizations assess, strengthen, and mature their cybersecurity posture through strategic consulting engagements aligned with industry best practices, regulatory requirements, and business objectives.

This role assess security maturity, identify gaps, develop cybersecurity roadmaps, and provide actionable recommendations that enhance resilience and reduce organizational risk. The role plays a key part in expanding ZainTECH’s cybersecurity advisory capabilities while supporting opportunities that may transition into recurring managed security services.

Responsibilities:

Cybersecurity Advisory & Consulting 

• Lead and deliver cybersecurity consulting engagements across a broad range of industries and customer environments. 
• Provide strategic advisory services covering Cybersecurity strategy, Governance frameworks, Risk management, Compliance programs and Security transformation initiatives 
• Assess customer cybersecurity capabilities and provide recommendations aligned with business and regulatory requirements. 
• Support organizations in developing cybersecurity operating models and governance structures. 

Security Assessments & Gap Analysis 

• Conduct cybersecurity maturity assessments against recognized standards and frameworks including ISO/IEC 27001, NIST Cybersecurity Framework (NIST CSF),CIS Critical Security Controls and Applicable regional cybersecurity regulations 
• Perform Gap assessments, Risk assessments, Control effectiveness reviews and Compliance assessments 
• Identify security weaknesses, process gaps, and governance deficiencies. 
• Develop prioritized remediation roadmaps aligned with organizational objectives. 

Governance, Risk & Compliance (GRC)

• Advise customers on the design and implementation of cybersecurity governance frameworks. 
• Support the development of Security policies, Standards, Procedures and Control frameworks 
• Facilitate cybersecurity risk management activities and risk workshops. 
• Assist customers with compliance readiness and regulatory alignment initiatives. 
• Provide recommendations for improving organizational security governance and oversight. 

Security Architecture & Control Advisory

• Review existing security controls and architecture designs. 
• Provide risk-based recommendations covering Identity and Access Management, Network Security, Endpoint Security, Cloud Security, Data Protection and Security Monitoring 
• Ensure recommendations are practical, scalable, and aligned with customer business requirements. 
• Support cybersecurity transformation and modernization programs. 

Client Engagement & Stakeholder Management 

• Act as a trusted cybersecurity advisor to customer stakeholders. 
• Facilitate workshops, interviews, and assessment activities. 
• Present findings and recommendations to Executive leadership, Technology teams, Risk and compliance functions and Regulatory stakeholders 
• Build strong relationships with customer teams and maintain high levels of client satisfaction. 

Our Culture & Code of Conduct:

At ZainTECH, we take pride in a culture built on collaboration, innovation, and uncompromising integrity. We are looking for individuals who share these values and are committed to customer-centricity and ethical excellence. All employees are expected to uphold our Code of Conduct, which serves as a guiding framework for responsible behavior across everything we do — from how we work with each other to how we engage with clients and partners globally.

Requirements

• Bachelor's degree in information technology or a related field.
• Minimum 5 years of hands-on cybersecurity experience, with a track record of advisory or consulting delivery.
• At least one valid NCSC-approved professional certification like (CISSP, CISM (Certified Information Security Manager), ISO/IEC 27001 Lead Implementer / Lead Auditor, or CISA , or another equivalent certification in the same field that is approved by the NCSC and published on its official website.
• Working command of ISO/IEC 27001, NIST CSF, and applicable Jordanian and regional regulatory requirements.
• Excellent written and verbal communication in English and Arabic, with the ability to present to executive and regulatory stakeholders.
• Advanced degree (Master's or higher) in cybersecurity, information systems, or a related discipline is preferable.
• Multiple certifications across governance, risk, and audit (for example holding more than one of CISSP, CISM, CISA, ISO 27001 LI/LA) is preferable.
• Prior experience in a consultancy, system integrator, or telco-affiliated security practice serving regulated sectors is preferable.