Information security audit and compliance consultant

Posted: Nov. 19, 2021, 9:30 a.m. - Full Time - Navi Mumbai

We are looking for an audit consultant with experience auditing the ISO/IEC 27000 series, NIST Cybersecurity Framework, PCI DSS, HIPAA, RBI Guidelines, SEBI Guidelines, etc.

Freshers with ISO 27001 certification are also welcome.

Job Description:

Ability to leverage an in-depth understanding of the client’s strategy to plan and drive the development of impactful and sustainable risk management solutions.

Ability to advise client on establishing or improving end-to-end risk management systems, processes, and frameworks to enhance strategic alignment with business goals, enable effective decision making and response, and monitor regulatory compliance

Ability to advise client on solving control design issues based on industry leading practices and regulatory requirements

Ability to plan and execute a project to deliver a superior client experience

Ability to increase quality, accuracy, and impact of reports and presentations by leveraging critical thinking, experience, and judgment

Ability to build an in-depth knowledge of the client’s business and stay up-to-date on industry activities, marketplace trends, innovation efforts, and leading practices

Ability to design regulatory strategies that enable proactive, forward-looking, and data-driven solutions to address regulatory issues

Ability to address client’s gaps with relevant regulations by designing prioritized and data-driven regulatory compliance and response solutions

Play a lead role in internal and external communication and deliverable quality, including the technical content of reports and proposals.

High visibility in functional or industry specialty, publication in designated areas, public speaking

Responsible for oversight of advisee training and development program

Desired Qualifications and Skills

Bachelor’s or Master’s degree, preferably in STEM (Science, Technology, Engineering and Mathematics) or any related field of expertise.

Experience with security and standards frameworks, especially implementing and auditing the ISO/IEC 27000 series, NIST Cybersecurity Framework, PCI DSS, HIPAA, RBI Guidelines, SEBI Guidelines, etc.

Should have exposure to and understanding of code review, network VA/PT and app VA/PT work.

Strong understanding of security principles: audit, policies, guidelines, and compliance.

Deep understanding of infrastructure (data centre, network, end-user computing) security / cloud security / managed security services / security operations centre / compliance risk management.

Continuously looking to grow and develop your technical and professional skills with a commitment to build and grow your cybersecurity career to the next level.

Excellent written and communication skills for both technical and non-technical stakeholders.

Ability to problem solve and be creative with technical issues.

Good teamwork and time management skills.

If required, willing to travel inside and/or outside India.