Definition: The phrase, Security Consultant, refers to an individual or a company that specializes in providing information assurance services to other companies.
An information assurance specialist can provide a wide variety of services. Quality can vary, too. Check with past clients. Some tasks performed would be highly technical while other services would relate to policies and procedures. The work that a specialist could provide would relate to inspecting the company for the purpose of certification of an information system’s robustness against threats and vulnerabilities (e.g. the ISO 27000 series).
Its Relevance: A business or organization that is without specialized information assurance expertise would be wise to hire a third party to perform the tasks of an in-house specialist. Such an advisor might be tasked to inspect the confidentiality, integrity and availability posture of the organization’s information system and to make recommendations for improvement.