Cyber Security Consultant – Mumbai – 3 to 6 Years Experience

IT Auditing & compliance
Mumbai
30 July 2024
Full Time
Urgent

Job Overview

  • Date Posted
    30 July 2024
  • Location
    Mumbai
  • Expiration date
    4 October 2024
  • Experience
    3 Year
  • Gender
    Any

Job Description

Protechmanize Solutions Pvt Ltd is seeking a skilled Cyber Security Consultant specializing in Audit & Compliance to join our team in Mumbai. The ideal candidate will have a strong background in IT governance, risk, and compliance, with hands-on experience in implementing and maintaining ISO 27001 certification and conducting various types of security assessments and audits.

Responsibilities:

  • Lead the implementation and maintenance of ISO 27001 certification, including conducting risk assessments, developing policies and procedures, and coordinating internal audits.
  • Manage the third-party risk management program, including conducting vendor risk assessments, monitoring vendor compliance, and overseeing remediation efforts.
  • Perform GAP assessments and preliminary audits/risk assessments based on ISO 27001, SEBI, RBI, and IRDAI guidelines.
  • Conduct ITGC audits for customers within defined timelines.
  • Perform vendor risk assessments/audits according to standards such as ISO 27001, NIST, PCI DSS, SEBI, RBI, and IRDAI guidelines.
  • Collaborate with cross-functional teams to identify and address security and compliance issues, develop mitigation strategies, and drive continuous improvement.
  • Provide guidance and support to stakeholders on security and compliance matters, including training and awareness programs.
  • Stay current with industry best practices, emerging threats, and regulatory requirements related to information security.
  • Travel across PAN India locations for conducting third-party vendor security audits.
Job Requirements

• 3-6 years of experience in IT Governance, Risk & Compliance.
• Bachelor’s degree or equivalent in Engineering or Science preferred.
• ISO 27001 LA / LI Certification is required.
• Relevant certifications such as CISA, CISSP, or CRISC are beneficial.
• Strong knowledge of cybersecurity principles, risk management strategies, IT governance frameworks, and industry-recognized standards and attestations such as PCI, HIPAA, and SSAE18 audits.
• Knowledge of regulations and circulars published by SEBI, RBI, and IRDAI.
• Understanding of Third Party Risk Assessment and Vendor Security Assessment.
• Conceptual knowledge of privacy and relevant standards such as GDPR, DPDP, IT Act, etc.
• Excellent analytical ability, consultative communication skills, and report writing skills.
• Knowledge of security technologies/platforms, tools, and methodologies (such as AV, EDR, DLP, Firewall, WAF, SIEM, Cloud, VAPT process, and procedures) is a plus.
• Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint, Outlook).

Preferred Qualifications

• CISA, CISSP, or CRISC certifications.
• Experience with technological platforms/controls such as AV, EDR, DLP, Firewall, WAF, SIEM, Cloud.
• Knowledge of VAPT processes and procedures.

About the Company

Protechmanize Solutions Pvt Ltd is a leading provider of innovative cybersecurity solutions, specializing in IT governance, risk management, and compliance services. Our team is dedicated to helping organizations protect their information assets, ensure compliance with regulatory requirements, and achieve operational excellence. We offer a collaborative and inclusive work environment with a focus on professional development and career growth.

Related Jobs