Candidate should have a Bachelor's degree in Computer Engineering with 10-15+ years of relevant experience in Cyber Security.
Supports defining, enhancing, evolving, and demonstrating company’s point of view and delivery approach of cybersecurity-focused services.
Should have experience with the issue and exception handling process and with risk management.
Builds and maintains client relationships, developing a strategic vision for clients and internal teams.
Candidate should have played GRC role for ISO27k, PCI DSS.
Perform review of RCSA (Risk Control Self-Assessment) to ensure controls are designed and operating effectively.
Maintain Technology Policies, Standards and Control Library. Ensure technology policies and standards are in alignment with the customer's adopted industry practices and standards (i.e., ISO, NIST, CSA).
Lead customer audit engagement (internal and external) and oversight on all IT audit matters.
Conduct reviews to ensure systems and processes comply with existing technology policies and standards.
Hands-on experience in Operational Security Reviews, Audits, and Security Incident Management review.
Support Compliance Scanning, Management and Reporting.
Support Security audit and assessment activities (e.g., data collection, supporting evidence and report generation) and review the third-party support report.
Effectively communicate risks and system issues to all stakeholders ahead of time to avoid any program risks or escalations.
Directly responsible for procedures and controls to assure compliance with applicable regulatory and legal requirements as well as good business practices.
Help ensure compliance with ISO27k, PCI and the NC Identity Theft law.
Liaise with Internal & external Audit, Corporate Compliance and Risk.
Ensure policies are reviewed and updated regularly.
Promote and monitor the IS Security awareness program.
Maintain expertise on security trends through training, research, and development in order to mitigate potential security exposures.
Professional certification such as CISA, CISM, CRISC, or CISSP is desirable.
Good understanding of financial domain and Security IT.
Domain Skills: CISA, CISM, CRISC, or CISSP certification (good to have; not mandatory)
Detailed Job Description:
Strong familiarity with industry frameworks such as ISO standards, GDPR, NIST, PCI DSS, CISO. Broad understanding of cyber security concepts and risks.
Industry and Technology certifications: CISA, CISM, CRISC, or CISSP