Associate grc consultantPosted: April 18, 2022, 3 a.m. - Full Time - Bangalore
Job Location : Bangalore Experience: 4(Min) until 8(max) Years Career Level: Associate to Mid Level Job type : Permanent
Department : PS
Certified PCI DSS QSA's are only eligible to apply .
Summary of Role
Undertake PCI DSS audits and assessments under the Guidance of GRC Consultant . Provide strategic information security advisory and consulting services for all clients. The role encompasses delivery and management of Professional Services engagements, technical consultation and implementation, and internal strategic initiatives. Managing team members as deemed necessary, accounting to team roles and responsibility. Scoping, design, implementation, and operation of PCI DSS, and related Information Security framework/ standards. Participated in internal audits (IS) and carried out Risk Assessments, Business Continuity Management, Disaster Recovery, Data Leakage Prevention, Crisis management, Incident Management, PCI-DSS and GAP analysis Conduct of PCI DSS Gap Analysis or assistance in completion of SAQ process Conduct of Internal Audit (against internal information security policies and procedures, or industry standards) engagement Leading and assisting in Tender responses Attending opportunity meetings with Sales and Marketing team for potential clients Attending meetings with current clients for upsell opportunities Plan security strategies and implementing IT Security solutions such DLP, EMAIL, WAF & DDOS products for customers. Providing support for advanced level and on-call support for large variety of networks, systems, and infrastructures. Planning & Audits, Security investigations and Risk assessment, Designing and Implementing Business Continuity and Disaster Recovery. Manage external relationships from clients, vendors, and business partners at all levels as required. Manage and lead Delivery engagements as & when required. This may also include managing engagement teams, deliverables and engagement budget. Perform Professional Services and Delivery engagements related as deemed necessary and as directed by Management. Work under the Head of PS or the Lead auditor as required to ensure strict adherence to the Quality & process to be able to set a higher standards of delivery for all customer . Report all project progress & any issues on timely basis .
Candidates with experience more than 9 Years & less than 4 Years , please restrain from applying for this vacancy as this is not a Senior consultant role, an humble request is to restrain from applying if you are overqualified or you don't fit into the stated prerequisite's.
Why join our GRC vertical competence?
Our GRC consultants are focussed on delivering quality, creating value proportions by focussing on the set objectives, we talk apples & we deliver them.
- Further, our GRC consultants are trained in-house on multiple streams of knowledge base to ensure they deliver the best for our customers.
- We believe the quality check is an end-to-end process, so quality checks are to be embedded in the cycle.
- If you are passionate about security assessments, if you have the right skills & the patience in writing the best report, then it's the right place for you to be.
- Last but not the least, we just don't deliver No's, we deliver Quality, we are concerned with end results from a value propositions perspective.
- Extensive Training will be provided to be part of the brilliant consulting team & race .
Deliver Professional Services and Delivery related projects as required , work with GRC Consultant & manager to be able to deliver these responsibility under GRC :
- Scoping, design, implementation, and operation of PCI DSS, and related Information Security framework/ standards.
- Consult to clients at all levels regards to Information Security standards, frameworks, guidelines, and better practice.
- Undertake risk assessments using industry frameworks such as ISO 31000, ISO 27005.
- Compliance engagements such as Gap Analysis, Internal Audit, External Audit
- Manage and deliver vulnerability and penetration Testing engagement
- Conduct security policy and framework reviews
- Implementation of PCI DSS, ISMS, or client specific information security frameworks
- Security architecture reviews
- Manage the delivery of the engagement (includes resources, budget, and client deliverables)
- Ensure quality of all deliverables including but not limited to:
Client Engagement metrics * Client Project Delivery * Internal Project Delivery * Present Secure Logic to potential clients and group through various communication streams. * Ability to travel a must. Attending trade shows and events will be required. * Lead generation for new business channel development. * Keep abreast of current Information Security standards such as: * ISO 27001:2013 * ISO 31000 PCI DSS ISO 20000, ITIL CSA Framework ISACA guideline Any other local Information Security frameworks and requirements for Government, regulatory, and legislative requirements.
Co-ordinate the delivery of consulting or managed service projects.
Certification/Qualification Requirement :
CISA or CISM or SANS . PCI DSS QSA ISO 27001 LA or ISO 27001 LI certification Additional certification like CEH , ECSA , CCNA , CCNP will be a plus . Graduate/B.E/M.B.A with 1 to 4 years of post-qualification experience in risk advisory/related ITGC audit experience/external audit experience .