Job Title:  T&T | Cyber: CST | Consultant | ISMS | Delhi

 The team 

Technology & Transformation is about much more than just the numbers. It’s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies what, how, and why of change so you’re always ready to act ahead. Learn more about Technology & Transformation Practice 

Your work profile 

As a Consultant in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations:   

As part of the Cyber Governance, Risk & Compliance (GRC) team, you will work with clients across industries to strengthen cybersecurity governance, manage enterprise risks, and support regulatory compliance initiatives.

• Support the development and implementation of cybersecurity governance and risk management frameworks aligned with business and regulatory requirements.
• Perform cybersecurity maturity assessments using frameworks such as NIST CSF, NIST SP 800-53, ISO/IEC 27001, and COBIT.
• Plan and execute ITGC testing across access management, change management, logical security, and operational controls.
• Conduct IT and OT security audits to assess security controls, governance processes, and compliance posture.
• Assist clients in implementing and reviewing information security controls across IAM, incident management, backup & recovery, endpoint security, change management, physical security, and media handling.
• Support compliance initiatives related to RBI, SEBI, IRDAI, CERT-In, NCIIPC, PCI DSS, and other regulatory standards.
• Track evolving cybersecurity regulations and support remediation and compliance improvement activities.
• Support PCI DSS assessments, readiness reviews, and gap analysis engagements.
• Assess application security governance practices including Secure SDLC, threat modelling, and secure coding standards.
• Evaluate cloud governance and security controls across AWS, Microsoft Azure, and Google Cloud Platform (GCP).
• Prepare client deliverables including risk assessment reports, audit observations, compliance dashboards, and executive presentations.
• Collaborate with internal teams and client stakeholders on cybersecurity transformation and compliance initiatives.
• Conduct Third-Party Risk Management (TPRM) assessments and support enhancement of TPRM frameworks within enterprise risk programs.
•  

Key Required Skills:

• Professional certifications such as CISSP, CISA, CISM, CRISC, ISO 27001 LA/LI, ISO 31000 LA/LI, ISO 22301 LA/LI, ITIL, or PCI QSA are preferred
• In-depth knowledge of security frameworks and standards such as NIST, ISO 27001, and COBIT
• Strong analytical, communication, and stakeholder management skills
• Cyber GRC recent experience ranging from 1 to 3 years is mandatory
• B.E./B.Tech (Tier 1/2) or Master’s degree in Information Security, Computer Science, or a related field