Skills and Qualifications
- 8-12 years experience (preferably in consulting environment)
- Strong knowledge of cyber / information security concepts, risk and controls concepts
- Strong knowledge of any standards such as ISO 27001/2, ISO 22301, ISO 27018, ISO 27701, PCI DSS, NIST standards on Cyber Security, HITRUST, etc.
- Good knowledge of IT risk and control / audit environment
- Good understanding of IT Management Frameworks such as COBIT, ITIL and regulations such as RBI Guidelines, PCI Compliance, GDPR, HIPAA] etc.
- Knowledge of vulnerability management
- A good understanding of IT data centre operations and a variety of technology platforms
- Excellent business communication skills, proficient in reporting and documentation
- Ability to deliver work within tight timescales, to budget and to a high quality
- Demonstrate attention to detail
- CEH, ISO 27001 Lead Auditor and Lead Implementer preferred.
- CISSP, CISA, CISM certifications desirable.