Senior Consultant- Cybersecurity

Key Responsibilities :

• Candidate should have a Bachelor's degree in Computer Engineering with 10 -15+ years of relevant experience in Cyber Security.
• Supports defining, enhancing, evolving, and demonstrating the company’s point of view and delivery approach of cybersecurity-focused services.
• Should have experience handling Issue and Exception handling processes and Risk management.
• Builds and maintains client relationships, developing a strategic vision for clients and internal teams.
• Candidate should have played a GRC role for ISO27k, PCI DSS.
• Perform review of RCSA (Risk Control Self-Assessment) to ensure controls are designed and operating effectively.
• Maintain Technology Policies, Standards, and Control Library. Technology policies and standards are in alignment with Customer’s adopted industry practices and standards (i.e., ISO, NIST, CSA).
• Lead customer audit engagement (internal and external) and oversight on all IT audit matters.
• Conduct reviews to ensure systems and processes comply with existing technology policies and standards.
• Hands-on experience in Operational Security Reviews Audits and Security Incident Management review.
• Support Compliance Scanning, Management, and Reporting.
• Support Security audit and assessment activities (e.g., data collection, supporting evidence, and report generation) and review the third-party support report.
• Effectively communicate risks and system issues to all stakeholders ahead in time to avoid any program risks/escalation.
• Directly responsible for procedures and controls to assure compliance with applicable regulatory and legal requirements as well as good business practices.
• Help ensure compliance with ISO27k, PCI, and the NC Identity Theft law.
• Liaise with Internal & external Audit, Corporate Compliance, and Risk.
• Ensure policies are reviewed and updated regularly.
• Promote and monitor the IS Security awareness program.
• Maintain expertise on security trends through training, research, and development in order to mitigate potential security exposures.
• Professional certification such as CISA, CISM, CRISC, or CISSP is desirable.
• Good understanding of the financial domain and Security IT.

Domain Skills:

CISA, CISM, CRISC, or CISSP

Certification:

Mandatory ☐

Good to have ☒

Detailed Job Description:

• Candidate should have a Bachelor's degree in Computer Engineering with 10 -15+ years of relevant experience in Cyber Security.
• Supports defining, enhancing, evolving, and demonstrating the company’s point of view and delivery approach of cybersecurity-focused services.
• Should have experience handling Issue and Exception handling processes and Risk management.
• Builds and maintains client relationships, developing a strategic vision for clients and internal teams.
• Perform review of RCSA (Risk Control Self-Assessment) to ensure controls are designed and operating effectively.
• Maintain Technology Policies, Standards, and Control Library. Technology policies and standards are in alignment with Customer’s adopted industry practices and standards (i.e., ISO, NIST, CSA).
• Lead customer audit engagement (internal and external) and oversight on all IT audit matters.
• Conduct reviews to ensure systems and processes comply with existing technology policies and standards.
• Strong familiarity with industry frameworks such as ISO standards, GDPR, NIST, PCI DSS, CISO. Broad understanding of cyber security concepts and risks.

Industry and Technology certifications: CISA, CISM, CRISC, or CISSP