Senior Consultant- Cyber Security Consulting & Advisory

Social network you want to login/join with:

col-narrow-left

ITL UK

London, United Kingdom

Other

-

Yes

col-narrow-right

4

29.06.2025

13.08.2025

col-wide

Job Description

Today, the corporate landscape is dynamic and the world ahead is full of possibilities! None of the amazing things we do at Infosys would be possible without an equally amazing culture, the environment where ideas can flourish and where you are empowered to move forward as far as your ideas will take you.At Infosys, we assure that your career will never stand still, we will inspire you to build what’s next and we will navigate further together. Our journey of learnability, values and trusted relationships with our clients continue to be the cornerstones of our organization and these values are upheld only because of our people.Your roleAs a Consultant in the Infosys Cyber security Consulting & Advisory (C&A) Team, you are an expert at contributing to different phases of the Cyber security consulting lifecycle. You will be intensely involved in; being a highly skilled Cybersecurity practitioner in a primary skills associated to GRC, as well as secondary skill -Technical e.g. IDAM, Engineer, Network, IOT/OT security to join our team. The successful candidate will play a critical role in the Practice in support to clients and their security roadmap, business G&OS and at times compliance requirements through Assessments, Design reviews and Upgrades. This role requires a deep understanding of GRC cybersecurity, with secondary skills in a Domain area of cyber security ISMS, whilst working with cross-functional teams to enhance the security posture of clients Cyber Security strategy at both an operational and tactical level, as well as Enterprise. You will guide teams in both onshore and in offshore on project processes, deliverables and contribute to the proposal development, client training and internal capability-building and help detail the project scope. You will have the opportunity to shape value-adding consulting solutions that enable our clients to meet the changing needs of the global landscape. Required:Industry experience working in enterprise cyber security domainSecurity Practitioner, which includes execution of operational/ tactical as well as strategy & program cyber security. Able to support the cyber security roadmap and management inclusive of security risk management, its development, lead a team and align to security measures with enterprise IT security frameworks.Have an understanding of Security Solutions: MS Sentinel/Defender/Entra, Zscaler ZPA ZTMA, CrowdStrike, CyberArk, SailPoint, Ping, and be able to design and build a controls dashboard form evidence outputs form MS solutions, using ISO27K, NIST, NIS 2, DORA, TISAX, PCI and or equivalent .Exposure to Threat Methodology and Incident Response: Identify, analyze, and respond to security events and incidents from a process point of view, but have insights towards recommendation remediation activities, in conjunction with operational team exposure and cyber threat mitigation.Security Assessments & Compliance: Exposure to security assessments, evaluate risk, and ensure compliance with IEC , NIST SP -82, NERC CIP, ISO , and NIS2 frameworks or combination.Vulnerability & Risk Management: Able to implement risk mitigation strategies tailored for ICS/SCADA and IoT environments.Vendor & Third-Party Security Management: Assess and oversee third-party vendors providing security solutions, ensuring their compliance with security policies and industry best practices.Training & Awareness: Develop and conduct cybersecurity training and awareness programs for internal teams, partners, and executives.Emerging Threats & Technologies: Stay informed about new cybersecurity threats, vulnerabilities, and emerging technologies in industrial cybersecurity, IoT security, and critical infrastructure protection.Good level of awareness in one or more of the cyber industry trends and technologies e.g., Zero Trust Architecture, Responsible AI, Security Automation, Cyber Vendor consolidation, DevSecOps, Cyber Mesh Architecture etc.Desirable:A broad outlook through exposure to an ecosystem of diverse cultures, stakeholders as well as emerging tools, technologies, regulations, standards etc, Experience with similar roles in consulting teams or organizations.Relevant industry certifications in cyber security and or connected area such as Data Privacy. Education: Bachelor's degree in Cybersecurity, Information Technology, or a related field.Network Security: Exposure to Firewalls, IDS/IPS, VPNs, authentication systems, PKI, log management, and content filtering.Cybersecurity Frameworks: Familiarity with NIST, IEC , ISO , NERC CIP, GSMA IoT Security Guidelines, and other industry security standards.Incident Response & Risk Management: Experience in security monitoring, incident response, and risk mitigation.Technical Skills: Strong troubleshooting, analytical, and problem-solving abilities.Communication & Collaboration: Ability to work independently and within cross-functional teams, with excellent communication and interpersonal skills.Project Management: Knowledge of project planning, resource management, financial budgeting, and risk assessment for OT security projects.Preferred Certifications CISM,CISA, CISSPGlobal Industrial Cybersecurity Professional (GICSP)ISA/IEC Cybersecurity Fundamentals (IC32)GIAC Certified Incident Handler (GCIH)GIAC Cyber Incident Leader (GCIL)Personal:Besides the professional qualifications of the candidates we place great importance in addition to various forms personality profile. These include:High analytical skillsA high degree of initiative and flexibilityHigh customer orientationStrong exposure in stakeholder management at Senior levels High quality awarenessExcellent verbal and written communication skills (bonus if candidate can speak German and another European language) About InfosysInfosys is a global leader in next-generation digital services and consulting. We enable clients in 54 countries to navigate their digital transformation. With over three decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through the many next of their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise and ideas from our innovation ecosystem.Visit to see how Infosys can help your enterprise navigate your next.All aspects of employment at Infosys are based on merit, competence and performance. We are committed to embracing diversity and creating an inclusive environment for all employees. Infosys is proud to be an equal opportunity employer

Job Description

Today, the corporate landscape is dynamic and the world ahead is full of possibilities! None of the amazing things we do at Infosys would be possible without an equally amazing culture, the environment where ideas can flourish and where you are empowered to move forward as far as your ideas will take you.At Infosys, we assure that your career will never stand still, we will inspire you to build what’s next and we will navigate further together. Our journey of learnability, values and trusted relationships with our clients continue to be the cornerstones of our organization and these values are upheld only because of our people.Your roleAs a Consultant in the Infosys Cyber security Consulting & Advisory (C&A) Team, you are an expert at contributing to different phases of the Cyber security consulting lifecycle. You will be intensely involved in; being a highly skilled Cybersecurity practitioner in a primary skills associated to GRC, as well as secondary skill -Technical e.g. IDAM, Engineer, Network, IOT/OT security to join our team. The successful candidate will play a critical role in the Practice in support to clients and their security roadmap, business G&OS and at times compliance requirements through Assessments, Design reviews and Upgrades. This role requires a deep understanding of GRC cybersecurity, with secondary skills in a Domain area of cyber security ISMS, whilst working with cross-functional teams to enhance the security posture of clients Cyber Security strategy at both an operational and tactical level, as well as Enterprise. You will guide teams in both onshore and in offshore on project processes, deliverables and contribute to the proposal development, client training and internal capability-building and help detail the project scope. You will have the opportunity to shape value-adding consulting solutions that enable our clients to meet the changing needs of the global landscape. Required:Industry experience working in enterprise cyber security domainSecurity Practitioner, which includes execution of operational/ tactical as well as strategy & program cyber security. Able to support the cyber security roadmap and management inclusive of security risk management, its development, lead a team and align to security measures with enterprise IT security frameworks.Have an understanding of Security Solutions: MS Sentinel/Defender/Entra, Zscaler ZPA ZTMA, CrowdStrike, CyberArk, SailPoint, Ping, and be able to design and build a controls dashboard form evidence outputs form MS solutions, using ISO27K, NIST, NIS 2, DORA, TISAX, PCI and or equivalent .Exposure to Threat Methodology and Incident Response: Identify, analyze, and respond to security events and incidents from a process point of view, but have insights towards recommendation remediation activities, in conjunction with operational team exposure and cyber threat mitigation.Security Assessments & Compliance: Exposure to security assessments, evaluate risk, and ensure compliance with IEC , NIST SP -82, NERC CIP, ISO , and NIS2 frameworks or combination.Vulnerability & Risk Management: Able to implement risk mitigation strategies tailored for ICS/SCADA and IoT environments.Vendor & Third-Party Security Management: Assess and oversee third-party vendors providing security solutions, ensuring their compliance with security policies and industry best practices.Training & Awareness: Develop and conduct cybersecurity training and awareness programs for internal teams, partners, and executives.Emerging Threats & Technologies: Stay informed about new cybersecurity threats, vulnerabilities, and emerging technologies in industrial cybersecurity, IoT security, and critical infrastructure protection.Good level of awareness in one or more of the cyber industry trends and technologies e.g., Zero Trust Architecture, Responsible AI, Security Automation, Cyber Vendor consolidation, DevSecOps, Cyber Mesh Architecture etc.Desirable:A broad outlook through exposure to an ecosystem of diverse cultures, stakeholders as well as emerging tools, technologies, regulations, standards etc, Experience with similar roles in consulting teams or organizations.Relevant industry certifications in cyber security and or connected area such as Data Privacy. Education: Bachelor's degree in Cybersecurity, Information Technology, or a related field.Network Security: Exposure to Firewalls, IDS/IPS, VPNs, authentication systems, PKI, log management, and content filtering.Cybersecurity Frameworks: Familiarity with NIST, IEC , ISO , NERC CIP, GSMA IoT Security Guidelines, and other industry security standards.Incident Response & Risk Management: Experience in security monitoring, incident response, and risk mitigation.Technical Skills: Strong troubleshooting, analytical, and problem-solving abilities.Communication & Collaboration: Ability to work independently and within cross-functional teams, with excellent communication and interpersonal skills.Project Management: Knowledge of project planning, resource management, financial budgeting, and risk assessment for OT security projects.Preferred Certifications CISM,CISA, CISSPGlobal Industrial Cybersecurity Professional (GICSP)ISA/IEC Cybersecurity Fundamentals (IC32)GIAC Certified Incident Handler (GCIH)GIAC Cyber Incident Leader (GCIL)Personal:Besides the professional qualifications of the candidates we place great importance in addition to various forms personality profile. These include:High analytical skillsA high degree of initiative and flexibilityHigh customer orientationStrong exposure in stakeholder management at Senior levels High quality awarenessExcellent verbal and written communication skills (bonus if candidate can speak German and another European language) About InfosysInfosys is a global leader in next-generation digital services and consulting. We enable clients in 54 countries to navigate their digital transformation. With over three decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through the many next of their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise and ideas from our innovation ecosystem.Visit to see how Infosys can help your enterprise navigate your next.All aspects of employment at Infosys are based on merit, competence and performance. We are committed to embracing diversity and creating an inclusive environment for all employees. Infosys is proud to be an equal opportunity employer