Job Title: Consultant | NIST Implementation | Pune | Cyber Strategy & Transformation
Job Title: Consultant – NIST Implementation
Experience Required: 3–5 years
Location: [Insert Location / Hybrid / Remote]
Role Overview:
We are seeking a Consultant with 3–5 years of experience in cybersecurity and compliance to support the implementation of the NIST Cybersecurity Framework (CSF) and related standards (e.g., NIST SP 800-53, 800-171). The role requires hands-on expertise in designing, implementing, and assessing network security controls aligned to NIST guidelines. The consultant will work closely with clients to strengthen their security posture, ensure compliance, and support risk management initiatives.
Key Responsibilities:
- Assist in the implementation and operationalization of NIST CSF outcomes and NIST SP 800-53 / SP 800-171 security requirements across enterprise environments.
- Conduct gap assessments against NIST frameworks to identify compliance gaps and recommend remediation strategies.
- Design, implement, and monitor network security controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, segmentation, and access control mechanisms.
- Develop and maintain security policies, procedures, and technical standards aligned to NIST guidelines.
- Support risk assessments, security control testing, and audits to evaluate control effectiveness.
- Collaborate with IT, security, and business teams to ensure security requirements are embedded into processes and technologies.
- Provide consulting and advisory support to clients on NIST compliance, governance, and network security best practices.
- Prepare documentation, reports, and evidence for internal and external audits.
- Stay updated with changes in NIST publications, regulatory requirements, and industry standards.
Required Skills & Qualifications:
- 3–5 years of experience in cybersecurity, information security governance, or compliance consulting.
- Strong knowledge of the NIST CSF, NIST SP 800-53, and NIST SP 800-171.
- Hands-on experience with network security technologies (firewalls, IDS/IPS, SIEM, VPN, NAC, segmentation).
- Understanding of risk management methodologies and regulatory compliance (e.g., ISO 27001, PCI DSS, HIPAA).
- Experience in developing and implementing security policies, procedures, and control frameworks.
- Familiarity with vulnerability management, incident response, and security monitoring processes.
- Strong communication skills with the ability to present findings and recommendations to technical and business stakeholders.
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- Relevant certifications (preferred): CISSP, CISM, CISA, CompTIA Security+, CCSP, ISO 27001 LA/LI.
Preferred Skills:
- Prior consulting/advisory experience with Big 4 or global consulting firms.
- Exposure to cloud security controls (AWS, Azure, GCP) aligned to NIST and CIS benchmarks.
- Knowledge of Zero Trust Architecture (ZTA) principles.
- Familiarity with automation tools for compliance and continuous control monitoring.