Information security audit and compliance consultant
Posted: Nov. 19, 2021, 9:30 a.m. - Full Time - Navi Mumbai
We are looking for an audit consultant with experience auditing ISO/IEC 27000 series, NIST Cybersecurity Framework, PCI DSS, HIPAA, RBI Guidelines, SEBI Guidelines etc.
Freshers with ISO 27001 Certification are also welcome.
Ability to leverage an in-depth understanding of the client’s strategy to plan and drive the development of impactful and sustainable risk management solutions.
Ability to advise client on establishing or improving end-to-end risk management systems, processes, and frameworks to enhance strategic alignment with business goals, enable effective decision making and response, and monitor regulatory compliance
Ability to advise client on solving control design issues based on industry leading practices and regulatory requirements
Ability to plan and execute a project to deliver a superior client experience
Ability to increase quality, accuracy, and impact of reports and presentations by leveraging critical thinking, experience, and judgment
Ability to build an in-depth knowledge of the client’s business and stay up-to-date on industry activities, marketplace trends, innovation efforts, and leading practices
Ability to design regulatory strategies that enable proactive, forward-looking, and data-driven solutions to address regulatory issues
Ability to address client’s gaps with relevant regulations by designing prioritized and data-driven regulatory compliance and response solution
Play lead role in internal and external communication/deliverable quality including technical content of reports, proposals.
High visibility in functional or industry specialty, Publication in designated areas, Public speaking
Responsible for oversight of advisee training and development program
Desired Qualifications and Skills
Bachelor’s or Master’s degree, preferably in STEM (Science, Technology, Engineering and Mathematics) or any related field of expertise.
Experience with security and standards frameworks, especially implementing and auditing ISO/IEC 27000 series, NIST Cybersecurity Framework, PCI DSS, HIPAA, RBI Guidelines, SEBI Guidelines etc.
Should have exposure to and understanding of code review, network VA/PT and App VA/PT work.
Strong understanding of security principles: audit, policies, guidelines, and compliance.
Deep understanding of infrastructure (data centre, network, end user computing) security / cloud security / managed security services / security operations centre / compliance risk management.
Continuously looking to grow and develop your technical and professional skills with a commitment to build and grow your cybersecurity career to the next level.
Excellent written and communication skills for both technical and non-technical stakeholders.
Ability to problem solve and be creative with technical issues.
Good teamwork and time management skills.
If required, willing to travel inside and/or outside India.