Job Title:  Deputy Manager | Risk Management | Pune | Cyber Strategy & Transformation

Job Title: Deputy Manager – Cyber Control Assessment

Location: India (Onsite/Hybrid as per project)

Experience: 6–10 years

Role Overview

As a Deputy Manager in Cyber Control Assessment, you will lead and deliver cybersecurity control reviews, risk assessments, and compliance engagements across industries. The role requires strong expertise in evaluating control environments, advising clients on remediation, and managing stakeholder relationships while supporting business growth and team development.

Key Responsibilities

1. Cyber Control Assessment & Assurance

• Perform end-to-end cybersecurity control assessments across domains such as:
• Identity & Access Management (IAM)
• Network Security
• Endpoint Security
• Data Protection & Privacy
• Cloud Security (AWS, Azure, GCP)
• Evaluate design and operating effectiveness of controls aligned to frameworks like:
• ISO 27001 / 27002
• NIST CSF / NIST 800-53
• CIS Critical Security Controls
• COBIT
• Conduct ITGC (IT General Controls) reviews including:
• Access management
• Change management
• IT operations

2. Risk & Compliance Management

• Identify control gaps, vulnerabilities, and risk exposures
• Perform risk assessments and control maturity evaluations
• Support regulatory and compliance programs (e.g., SOX ITGC, GDPR, RBI guidelines, etc.)
• Provide actionable remediation recommendations aligned to industry best practices

3. Client & Stakeholder Management

• Act as a primary point of contact for clients on engagements
• Conduct workshops, walkthroughs, and stakeholder interviews
• Present findings, risk insights, and executive summaries to senior client stakeholders
• Manage expectations, timelines, and deliverables

4. Engagement Delivery & Team Leadership

• Lead small to mid-sized teams (2–6 members)
• Plan and manage project timelines, resource allocation, and quality of deliverables
• Review team outputs (risk assessments, control testing, reports)
• Mentor junior team members and support capability building

5. Reporting & Documentation

• Develop high-quality deliverables including:
• Risk and control matrices (RCMs)
• Assessment reports
• Gap analysis reports
• Executive dashboards
• Ensure documentation aligns with audit and compliance standards

6. Practice Development & Pre-sales

• Support proposal development, RFP responses, and client pitches
• Contribute to thought leadership, accelerators, and reusable assets
• Identify opportunities for cross-sell and upsell within existing clients

Required Skills & Competencies

Technical Skills

• Strong understanding of:
• Cybersecurity frameworks and standards
• ITGC and ITAC controls
• Risk assessment methodologies
• Hands-on exposure to:
• Cloud security assessments
• Vulnerability management tools (e.g., Qualys, Nessus)
• GRC tools (e.g., Archer, ServiceNow GRC)
• Knowledge of emerging areas:
• Zero Trust Architecture
• DevSecOps controls
• Third-party risk management