• As part of the GRC team deliver on engagements pertaining to information security, cyber security, risk management and privacy for our customers across the globe
• Responsible for managing and delivering on accounts in accordance with CyRAACS quality guidelines & methodologies.
• Execute the engagement requirements, prepare reports and schedules that will be delivered to clients and other parties
• Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress
• Develop and maintain productive working relationships with client personnel
• Prepare status updates and prepare management presentations etc.
• Actively contribute to improving operational efficiency on projects & internal initiatives.
• Assist in creating innovative insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents and develop new methodologies. • Understand and follow workplace policies and procedures • Flexible to travel to client location for the project delivery
• 8-12 years experience (preferably in consulting environment)
• Strong knowledge of cyber / information security concepts, risk and controls concepts
• Strong knowledge of any standards such as ISO 27001/2, ISO 22301, ISO 27018, ISO 27701, PCI DSS, NIST standards on Cyber Security, HITRUST, etc.
• Good knowledge of IT risk and control / audit environment
• Good understanding of IT Management Frameworks such as COBIT, ITIL and regulations such as RBI Guidelines, PCI Compliance, GDPR, HIPAA] etc.
• Knowledge of vulnerability management
• A good understanding of IT data centre operations and a variety of technology platforms
• Excellent business communication skills, proficient in reporting and documentation
• Ability to deliver work within tight timescales, to budget and to a high quality
• Demonstrate attention to detail
• CEH, ISO 27001 Lead Auditor and Lead Implementer preferred.
• CISSP, CISA, CISM certifications desirable.
