Cyber Security Consultant (Risk Advisory Services)
- As part of the Risk Advisory team deliver on engagements pertaining to information security, cybersecurity, risk management, and privacy for our customers across the globe
• Responsible for managing and delivering on accounts in accordance with CyRAACS quality guidelines & methodologies.
• Execute the engagement requirements, prepare reports and schedules that will be delivered to clients and other parties
• Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress
• Develop and maintain productive working relationships with client personnel
• Prepare status updates and prepare management presentations etc.
• Actively contribute to improving operational efficiency on projects & internal initiatives.
• Assist in creating innovative insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents, and develop new methodologies.
• Understand and follow workplace policies and procedures
• Flexible to travel to client location for the project delivery
Experience Skills and Qualifications
- 1-3 years’ experience (preferably in a consulting environment)
- Strong knowledge of cyber / information security concepts, risk and controls concepts
- Strong knowledge of any standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI DSS, NIST standards on Cyber Security, HITRUST, etc.
- Good knowledge of IT risk and control/audit environment
- Good understanding of IT Management Frameworks such as COBIT, ITIL, and regulations such as RBI Guidelines, PCI Compliance, GDPR, HIPAA], etc.
- Knowledge of vulnerability management
- A good understanding of IT data center operations and a variety of technology platforms
- Excellent business communication skills, proficient in reporting and documentation
- Ability to deliver work within tight timescales, to budget, and to a high quality
- Demonstrate attention to detail
- CEH, ISO 27001 Lead Auditor, and Lead Implementer preferred.
- Conceptual knowledge of domains in CISSP, CISA, CISM etc.