IT & Programming

How to be a Freelance Security Consultant

How to be a Freelance Security Consultant

Going solo in the IT security field could be a tad bit difficult if you aren’t fully armed – mentally, financially and resourcefully. We all dream of becoming our own boss, so careerlancer has some advice on how to become a freelance security consultant in 2018.

A successful IT security consultant’s life is set, beautifully…

Everyone knows freelance IT consultants have their lives easily set – long lunches, frequent holidays and very few advanced meetings. So, anyone with some idea about IT security could be a consultant, right? Well, not exactly. It’s takes a lot more stress to be able to enjoy those slow lunches and lazy holidays.

First of all going solo and setting your own job is not right career for everyone. A lone consultant has to take on all different roles, like marketing, accounting, IT, finance, sales and service.

Just because you are qualified and experienced doesn’t mean you can effectively deal with clients, plan strategies and follow a realistic business plan, while staying on your budget simultaneously.

Former Managing Director of Cosmec Consulting, Roy Harari confirms, The biggest challenge is to have the combination of required capabilities. A technically superior IT professional will also need excellent marketing and personal skills to succeed on their own. It’s all about the nature of the person – a techie guy who communicates through his keyboard is unlikely to be able to present at board-level. We’re talking about business here, so having and adhering to targets, whether performance-related or financial, is crucial. This is a very rare combination, but it is possible to learn these other skills, especially on the business side.”

The Responsibilities of a Freelance Security Consultant

A security consultant is equivalent to an all-rounder security guru, advisor and guide, who designsand implements the best security solutions for a company.

Every company deals with unique IT security threats. Therefore, your day to day task will vary greatly based on each organizational requirement. However, some of the regular works you will be expected to carry are;

  • Find the most effective and economical way to secure and protect computers, networks, servers, data, information system and software application against cyber-crimes and possible threats.
  • Interview or conduct meetings with staffs and management to understand and analyse specific security issues.
  • Perform risk analysis, security assessment and vulnerability testing acutely.
  • Extensively research on security standards, protocols and security systems.
  • Prepare cost for security system implementations and identify any issues for IT project managers.
  • Plan, design, and implement robust security infrastructure for different IT projects.
  • Test implemented security solutions adhering to industry standard analysis parameters.
  • Prepare and deliver technical reports and documentations on test findings.
  • Provide technical training for in-house security teams.
  • Define and implement corporate security policies.
  • Stay alert, be on time and make quick responses to any security-related issues or emergencies and provide a 360 degree post-event analysis and solution.
  • Update and upgrade latest security systems as and when needed.

Your responsibilities and role will depend a lot on the type of freelance consulting contract you sign with organizations. In large organizations, you will ideally be associating with IT project managers or security managers for projects.

Freelance Security Consultant Career Path

To become a freelance security consultant, you should have certain experience in intermediate-level security jobs. They include: Security Administrator, Security Specialist, Security Engineer, Security Auditor and Security Analyst. However, you can also choose to be a security architect, security manager or IT project manager before becoming a consultant.

With your qualifications and expertise, you can be a freelance consultant in the following specific job fields as well:

The Right Qualifications

A freelance security consultant must understand IT security from the scratch. Therefore, every organization or consulting firm would expect you to have at least a bachelor’s degree in Computer Science, Cyber Security or Information Engineering.

If you don’t have a technical based UG degree, you can compensate your education by gaining a master’s degree in IT security or add significant knowledge through experience, training and certification. Nowadays, online training, workshops and special certification courses have made our efforts to study information security relatively easy.

You need to have a minimum of 3 – 5 years of professional experience before you decide to launch yourself as a freelance security consultant.

Based on the industry an individual works in, the salary of a security consultant is fixed anywhere between $50, 000 to $1, 50,000 per annum.

Skills required to be Qualified as a Security Consultant

Freelance Security Consultants are expected to have both technical and interpersonal skills.  Technical knowledge is paramount. However, you would be doing a lot of talking to clients, communicating plans and strategies to various non-technical teams, working with teams and negotiating prices and costs. All of these require certain soft skills as well.

Hard Skills Required to Qualify

  • Firewall and Intrusion detection & prevention
  • Ethical hacking, threat modelingand security coding knowledge
  • ITIL, COBIT and ISO 27001/27002 framework knowledge
  • IDS/IPS Testing
  • Penetration and vulnerability testing
  • Operating system handling- Windows, Linux and Unix
  • SOX, PCI, NIST, HIPAA & GLBA compliance assessments
  • Knowledge in Advanced Persistent Threats (APT), social engineering, phishing, NAC and anti-malware gateway
  • Programming language knowledge: C, C++, C#, JAVA, or PHP
  • Network routing methods, such as sub-netting, encryption technologies, DNS, VPNs, VLANs and VoIP
  • Security and Encryption technology knowledge
  • Web and Server related protocols such as TCP/IP, HTTPS, HTTP, UDP, IPSEC etc.
  • SQL, PLSQL, performance tuning and indexes knowledge

Soft Skills Required to Qualify

It is quite important for freelance consultants to hone their soft skills, because you have to not only set your own consultancy firm but also reposition and promote yourself as a ‘Brand’, separate from your previous employer.

And one of the most important relationships you will establish in your journey is between client and consultant. In order to accomplish all of the above you have to be a great leader, a very good communicator and an excellent problem solver.

You will have to deal with several issues, form teams to plan strategies and effectively transfer your ideas, plan of action and knowledge to other non-technical teams and management.

You will also have to refine your marketing and presentation skills, as both can be tricky, even in established businesses. You should learn the art of selling yourself to customers without being aggressive.

And lastly, you have to know your weaknesses and strengths and play with them to succeed.