Job Title:  Consultant | ISO/IEC 27002 | Bengaluru | Cyber Strategy & Transformation

• Working knowledge in one or more security domains such as: Information Technology, Information Security, Regulatory Compliance, Security Governance policies and procedures, Risk Management, Compliance, Access Control, Network Security, Security Architecture Review, IT General Controls, Third Party Risk Management
• Experience in leveraging industry standards and frameworks such as NIST, HIPAA, ISO/EC 27001, СОВІТ, ITIL, etc.
• Demonstrates in-depth knowledge of information security controls and risk management process
• Experience in data protection technologies such as encryption, data discovery, data masking, data redaction, etc.

The key skills required are as follows:

• Responsible for ISO 27001 based Information Security Management System implementation
• Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk
• Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling
• Responsible for conducting client’s vendor risk assessments and providing a holistic view of clients risk exposure due to outsourcing
• Responsible for advising and assisting clients to develop and implement information classification framework
• Conduct Information Systems audits covering IT infrastructure assets
• Demonstrates ability to work independently on projects with limited supervision
• Demonstrates understanding of complex business and information technology management processes
• Demonstrates working knowledge of firm tools and methodologies that may be suitable for the engagement
• Participates in proposal development efforts to sell "add-on" work to clients
• Plays substantive role in designing and implementing business development plan for the service line

Desired qualifications

• B.E / B.Tech (Tier 1/2) in Computer Science, Information Technology, or related fields
• ISO 27001 LA/LI, ISO 31000 LA/LI, CISA, CISM, CISSP, ITIL, or equivalent certification preferred