Information Security Consultant

14 hours ago


New Delhi, India Soffit Infrastructure Services (P) Ltd Full time

The Information Security Consultant will be responsible for the implementation, assessment, and management of ISO 27001:2022, ISO 27002, and SOC 2 standards for clients. This role involves working independently or alongside senior consultants to help clients achieve and maintain information security compliance and other best practices. The consultant will focus on assessing and ensuring compliance with key security frameworks and will provide vCISO support to various clients.

Key Responsibilities:

  • ISO 27001/27002 Compliance: Assist clients in achieving ISO 27001 certification by identifying and implementing the appropriate controls within the audit scope. Verify compliance with ISO 27001/27002 controls and provide recommendations for improvement.
  • SOC 2 Compliance: Assist clients in achieving SOC 2 compliance by identifying and implementing the appropriate Trust Service Criteria (TSCs). Conduct SOC 2 compliance assessments and ensure the proper implementation of required controls.
  • Risk Assessment and Mitigation: Conduct risk assessments of business activities, collaborating with stakeholders to manage risks until closure or acceptance. Provide actionable recommendations to mitigate identified risks.
  • Policy and Procedure Development: Define, develop, and review information security policies, procedures, guidelines, forms, and templates in line with best practices. Ensure documentation is up-to-date and aligned with industry standards.
  • Baseline Standards Review: Create and review baseline standards for operating systems, databases, web servers, and applications. Recommend improvements based on security assessments.
  • Post-Implementation Audits: Support post-implementation audits for ISO 27001:2022 to ensure ongoing compliance. Monitor and assess adherence to established information security standards.
  • Information Security Awareness: Create and execute organizational information security awareness programs. Conduct training sessions to ensure employees are knowledgeable about security best practices.
  • Security Standards Compliance: Assist clients in ensuring compliance with various security standards (ISO 27001, SOC 2, HIPAA, NIST, CIS, PCI DSS, etc.). Recommend strategies to ensure long-term adherence to security best practices.
  • Incident Response: Develop and implement incident response plans to handle security breaches and cyberattacks. Ensure that clients have clear, actionable plans to address potential security incidents.
  • Gap Assessment: Conduct gap assessments to identify areas of non-compliance and provide remediation strategies.
  • vCISO Support: Provide virtual Chief Information Security Officer (vCISO) support to clients, advising on information security strategy and governance.

Skills and Qualifications:

Technical Skills:

  • Strong background in Information Technology and/or Cybersecurity.
  • Proficiency in auditing, policy development, database security, firewall design, risk analysis, identity management, access control, and web security.
  • Knowledge of security frameworks including ISO 27001, SOC 2, HIPAA, NIST, CIS, PCI DSS, and other industry best practices.
  • Hands-on experience with ISO 27001:2022 and SOC 2 implementations and assessments.
  • Strong understanding of risk management and the ability to assess and mitigate security risks.

Presales and Communication Skills:

  • Excellent client-facing communication skills.
  • Strong problem-solving abilities and the capacity to work effectively in a team environment.
  • Ability to communicate complex technical concepts to both technical and non-technical audiences.
  • Demonstrated ability to deliver presentations and conduct training sessions.



  • New Delhi, India NISG (National Institute for Smart Government) Full time

    From 7 to 12 year(s) of experience ₹ Not Disclosed by Recruiter - New Delhi **Roles and Responsibilities** **About NHA**: **National Health Authority (NHA)** is the apex body responsible for implementing India’s flagship public health insurance/assurance scheme called “Ayushman Bharat Pradhan Mantri Jan Arogya Yojana” & has been entrusted with the...


  • New Delhi, India CryptoMize Full time

    Our Principles: These are some of the principles that we strongly believe in, preach and actually follow as well. Commitments: We clearly commit what we can do, by when we can do it and how we would do it, and then we do it. Confidentiality: We are extremely paranoid about protecting the confidentiality of what...



  • Security Researcher

    14 hours ago


    New Delhi, India Altered Security Full time

    We are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts! Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments. It has offices in India and Singapore. We are experts in information security training, cyber ranges, online labs and security...


  • New Delhi, India TAC Security Full time

    Job description: As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and...


  • New Delhi, India Peoplefy Full time

    Information Security Manager. Location: Pune (Yerwada) | Hybrid Mode. Experience: 11+ Years. Notice Period: Immediate to 60 Days. Job Description: We are seeking an experienced Information Security Manager to lead and strengthen our security practices. This role requires a proven leader with strong expertise in Application Security, DevSecOps, and Vulnerability...


  • New Delhi G.P.O., Delhi, Delhi, India Rightmen Security Service Full time

    As a leading security company in Singapore, Rightmen Security Services started its operation in the year 2011. Throughout the years, we have gained valuable experience from a great diversity of clients. Nowadays, more and more customers are beginning to inquire about security consulting services. In this field, any imminent threat may arise at any time and...


  • New Delhi, India CYBER سايبر Full time

    We at CYBER are looking for an exceptional Chief Information Security Officer (CISO) to join our leadership team. This is a full-time leadership role offering occasional flexibility but requiring a strong on-site and executive presence to drive security strategy across the organization. As CISO, you will design, implement, and oversee a world-class...


  • New Delhi, India Talent Worx Full time

    SAP GRC (Governance, Risk, and Compliance)/ Security Consultant to join our team. In this role, you will be responsible for implementing and managing security protocols and compliance measures within our SAP environment to safeguard sensitive data and ensure adherence to regulations. As a Senior Consultant, you will lead projects focused on SAP GRC...

