Senior Consultant- Cybersecurity

Key Responsibilities :

• Candidate should have Bachelor's degree in Computer Engineering with years of relevant experience in Cyber Security.
• Supports defining, enhancing, evolving, and demonstrating company's point of view and delivery approach of cybersecurity-focused services.
• Should have experience handling Issue and Exception handling process and Risk management.
• Builds and maintains client relationships, developing a strategic vision for clients and internal teams.
• Candidate should have played GRC role for ISO27k, PCI DSS.
• Perform review of RCSA (Risk Control Self-Assessment) to ensure controls are designed and operating effectively
• Maintain Technology Policies, Standards and Control Library. Technology policies and standards are in alignment with Customer's adopted industry practices and standards (I.e. ISO, NIST, CSA,)
• Lead customer audit engagement (internal and external) and oversight on all IT audit matters
• Conduct reviews to ensure systems and processes comply with existing technology policies and standards
• Hands on experience in Operational Security Reviews Audits and Security Incident Management review.
• To support Compliance Scanning, Management and Reporting.
• To support Security audit and assessment activities (e.g., data collection, supporting evidence and report generation) and review the third-party support report.
• Effectively communication risks and system issues to all the stakeholders ahead in time to avoid any program risks/escalation.
• Directly responsible for procedures and controls to assure compliance with applicable regulatory and legal requirements as well as good business practices.
• Help ensure compliance with ISO27k, PCI and the NC Identity Theft law.
• Liaise with Internal & external Audit, Corporate Compliance and Risk.
• Ensure policies are reviewed and updated regularly.
• Promote and monitor the IS Security awareness program.
• Maintain expertise on security trends through training, research, and development in order to mitigate potential security exposures.
• Professional certification such as CISA, CISM, CRISC, or CISSP is desirable.
• Good understanding of financial domain and Security IT.

Requirements

• Candidate should have Bachelor's degree in Computer Engineering with years of relevant experience in Cyber Security.
• Supports defining, enhancing, evolving, and demonstrating company's point of view and delivery approach of cybersecurity-focused services.
• Should have experience handling Issue and Exception handling process and Risk management.
• Builds and maintains client relationships, developing a strategic vision for clients and internal teams
• Perform review of RCSA (Risk Control Self-Assessment) to ensure controls are designed and operating effectively
• Maintain Technology Policies, Standards and Control Library. Technology policies and standards are in alignment with Customer's adopted industry practices and standards (I.e. ISO, NIST, CSA,)
• Lead customer audit engagement (internal and external) and oversight on all IT audit matters
• Conduct reviews to ensure systems and processes comply with existing technology policies and standards

Domain Skills

CISA, CISM, CRISC, or CISSP

Certification

Mandatory

Good to have

Detailed Job Description

• Candidate should have Bachelor's degree in Computer Engineering with years of relevant experience in Cyber Security.
• Supports defining, enhancing, evolving, and demonstrating company's point of view and delivery approach of cybersecurity-focused services.
• Should have experience handling Issue and Exception handling process and Risk management.
• Builds and maintains client relationships, developing a strategic vision for clients and internal teams
• Perform review of RCSA (Risk Control Self-Assessment) to ensure controls are designed and operating effectively
• Maintain Technology Policies, Standards and Control Library. Technology policies and standards are in alignment with Customer's adopted industry practices and standards (I.e. ISO, NIST, CSA,)
• Lead customer audit engagement (internal and external) and oversight on all IT audit matters
• Conduct reviews to ensure systems and processes comply with existing technology policies and standards
• Strong familiarity with industry frameworks such as ISO standards, GDPR, NIST, PCI DSS, CISO. Broad understanding of cyber security concepts and risks.

Industry and Technology certifications – CISA, CISM, CRISC, or CISSP