A computer security consultant is a technology professional who focuses his or her career on identifying and remedying vulnerabilities in computer networks. Nearly all computers that are connected to the Internet are at risk for hacking, virus infection and surreptitious downloads, among other ills. When computers are networked together, as they often are in corporate settings, the risks escalate. Companies and government organizations hire professionals to help them identify and remedy their network risks, often with special attention to preventing data breaches or system crashes. A computer security consultant is the sort of person to whom they usually turn.
The first thing a computer security consultant usually does is take stock of the computers in use. Consultants are information security professionals above all else, which means that they are primarily concerned with safeguarding the information on each computer from loss — loss that is either internal or external. This often involves as much internal monitoring of employees’ download habits as it does installation of firewalls and other programs that prevent external breaches.
Computer and network security is a true two-way street. Most of the losses and computer data breaches come from the outside, but a significant number come from the inside as well. Disgruntled employees, dishonest managers and corrupt finance officers often know how to surreptitiously mine data and drain corporate online accounts in ways that take a long time for non-tech savvy supervisors to discover. A computer security consultant’s job is to monitor and control traffic flowing in all directions and to look for holes or vulnerabilities in both places.
Most of the time, the computer security consultant begins by providing a corporation with an overall map of security risks as well as areas of perceived weakness in the network. He or she will then draw up a plan for how to remedy those risks and will set a price for his or her services. Sometimes the needed data protection measures include the installation of computer security software or antivirus programs. Others require a complete overhaul of the way the computers are networked together or complete reinstallation and reconfiguration of basic operating software.
The majority of computer security consultant jobs are contract-based, which means that consultants are hired on a one-task-at-a-time basis. Many of them set hourly rates for their work, which includes both diagnosing weaknesses and actually strengthening the systems. Some might be willing to provide advice for a reduced rate and might offer their services on an a la carte-type plan that lets clients pick and choose from among a list of services.
A computer security consultant is most often an independent contractor who works for himself or herself. Consultants frequently get their starts in consulting firms, however. It usually takes a great deal of experience and expertise to be able to branch out alone and be trusted to handle something as important as a corporation’s entire network security. Demand for the work is high, and consultants who have exceptional experience and references often command top salaries.
