Deloitte - Bengaluru, IN
posted 16 days ago
About the position
As a Consultant in our Cyber Team, you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. Your work will involve a working knowledge in one or more security and privacy domains such as security governance policies and procedures, risk management, compliance, access control, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection. You will also be responsible for ISO 27001 based Information Security Management System implementation and sustenance, assessing client information security posture, identifying gaps/risks, and developing solutions to mitigate those risks. Additionally, you will advise clients on data privacy, data leakage prevention, identity and access management, and conduct Information Systems audits covering IT infrastructure assets.
Responsibilities
- Build and nurture positive working relationships with teams and clients.
- Exceed client expectations in security and privacy domains.
- Implement and sustain ISO 27001 based Information Security Management System.
- Assess client information security posture and identify gaps/risks.
- Develop solutions to mitigate identified gaps/risks.
- Assist clients in reviewing and implementing Information Security controls.
- Conduct Information Systems audits covering IT infrastructure assets.
- Advise clients on data privacy, data leakage prevention, and identity and access management.
Requirements
- Working knowledge in security governance policies and procedures, risk management, compliance, access control, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection.
- Experience in leveraging industry standards and frameworks such as PCI-DSS, ISO/IEC 17799, ISO/IEC 27001, COBIT, ITIL.
- In-depth knowledge of security and privacy controls and risk management process.
- Possession of certifications such as CEH, ISO27001 LA/LI, ISO22301 LA/LI, CISSP, CISA, CISM preferred.
- Basic understanding of cyber security controls such as encryption, hashing, CIA Traits, network security, data security, NIST.
Nice-to-haves
- IT education or related fields.
- Certifications such as PCI-DSS, ISO 27001 LA/LI, ISO 31000 LA/LI, ISO 22301 LA/LI, CISA, ITIL, or equivalent preferred.
- Certifications like CISSP, GSEC, GCIH, CEH, LPT, CCSK would be preferred.
Benefits
- Hybrid working model.
- Opportunities for professional growth and development.
- Supportive work environment focused on inclusion and diversity.
