Information Security Consultant

3 weeks ago


New Delhi, India Soffit Infrastructure Services (P) Ltd Full time

The Information Security Consultant will be responsible for the implementation, assessment, and management of ISO 27001:2022, ISO 27002, and SOC 2 standards for clients. This role involves working independently or alongside senior consultants to help clients achieve and maintain information security compliance and other best practices. The consultant will focus on assessing and ensuring compliance with key security frameworks and will provide vCISO support to various clients.Key Responsibilities: ISO 27001/27002 Compliance: Assist clients in achieving ISO 27001 certification by identifying and implementing the appropriate controls within the audit scope. Verify compliance with ISO 27001/27002 controls and provide recommendations for improvement. SOC 2 Compliance: Assist clients in achieving SOC 2 compliance by identifying and implementing the appropriate Trust Service Criteria (TSCs). Conduct SOC 2 compliance assessments and ensure the proper implementation of required controls. Risk Assessment and Mitigation: Conduct risk assessments of business activities, collaborating with stakeholders to manage risks until closure or acceptance. Provide actionable recommendations to mitigate identified risks. Policy and Procedure Development: Define, develop, and review information security policies, procedures, guidelines, forms, and templates in line with best practices. Ensure documentation is up-to-date and aligned with industry standards. Baseline Standards Review: Create and review baseline standards for operating systems, databases, web servers, and applications. Recommend improvements based on security assessments. Post-Implementation Audits: Support post-implementation audits for ISO 27001:2022 to ensure ongoing compliance. Monitor and assess adherence to established information security standards. Information Security Awareness: Create and execute organizational information security awareness programs. Conduct training sessions to ensure employees are knowledgeable about security best practices. Security Standards Compliance: Assist clients in ensuring compliance with various security standards (ISO 27001, SOC 2, HIPAA, NIST, CIS, PCI DSS, etc.). Recommend strategies to ensure long-term adherence to security best practices. Incident Response: Develop and implement incident response plans to handle security breaches and cyberattacks. Ensure that clients have clear, actionable plans to address potential security incidents. Gap Assessment: Conduct gap assessments to identify areas of non-compliance and provide remediation strategies. vCISO Support: Provide virtual Chief Information Security Officer (vCISO) support to clients, advising on information security strategy and governance.Skills and Qualifications:Technical Skills: Strong background inInformation Technologyand/orCybersecurity . Proficiency in auditing, policy development, database security, firewall design, risk analysis, identity management, access control, and web security. Knowledge of security frameworks including ISO 27001, SOC 2, HIPAA, NIST, CIS, PCI DSS, and other industry best practices. Hands-on experience withISO 27001:2022andSOC 2implementations and assessments. Strong understanding of risk management and the ability to assess and mitigate security risks.Presales and Communication Skills: Excellentclient-facingcommunication skills. Strong problem-solving abilities and the capacity to work effectively in a team environment. Ability to communicate complex technical concepts to both technical and non-technical audiences. Demonstrated ability to deliver presentations and conduct training sessions.



  • New Delhi, India Soffit Infrastructure Services (P) Ltd Full time

    The Information Security Consultant will be responsible for the implementation, assessment, and management of ISO 27001:2022, ISO 27002, and SOC 2 standards for clients. This role involves working independently or alongside senior consultants to help clients achieve and maintain information security compliance and other best practices. The consultant will...


  • New Delhi, India Sattrix Information Security Full time

    Device Management (Endpoint) Support Engineers – L1 & L2 Location: Chennai, Hyderabad and Mumbai Mode: work from office (5 days) Shifts: Rotational Shifts (24x7) Budget - L1: 6-7 LPA; L2: 15-18 LPASkills required (End Point Security): Sentinal One Carbon Black Aruba - NAC DAM - Imperva DSF - ImpervaJob Overview: We are looking forDevice Management L1 and...


  • New Delhi, India Sattrix Information Security Full time

    Device Management (Endpoint) Support Engineers – L1 & L2Location: Chennai, Hyderabad and MumbaiMode: work from office (5 days)Shifts: Rotational Shifts (24x7)Budget - L1: 6-7 LPA; L2: 15-18 LPASkills required (End Point Security):- Sentinal One - Carbon Black - Aruba - NAC - DAM - Imperva - DSF - ImpervaJob Overview:We are looking for Device Management L1...


  • New Delhi, India CryptoMize Full time

    Responsibilities END --> Our Principles These are some of the principles that we strongly believe in, preach and actually follow as well. Commitments We clearly commit what we can do, by when can we do it and how we would do it, And then we do it. Confidentiality We are extremely paranoid about protecting the confidentiality of what...


  • New Delhi, India CryptoMize Full time

    Responsibilities END --> Our Principles These are some of the principles that we strongly believe in, preach and actually follow as well. Commitments We clearly commit what we can do, by when can we do it and how we would do it, And then we do it. Confidentiality We are extremely paranoid about protecting the confidentiality of what...

  • Security Researcher

    3 weeks ago


    New Delhi, India Altered Security Full time

    We are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts!Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments. It has offices in India and Singapore.We are experts in information security training, cyber ranges, online labs and security...


  • Delhi, Delhi, India Sky Nexus Full time

    Company DescriptionSky Nexus Australia is a trusted provider of IT services and consulting, specializing in information security solutions for small and medium-sized enterprises (SMEs). With a mission to empower SMEs with secure and reliable technology solutions, we understand the challenges they face in navigating the complexities of information technology...


  • New Delhi, India Lexitas Full time

    About the companyLexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success.Lexitas offers an array of services including local and national court reporting, medical record retrieval, process...


  • New Delhi, India Lexitas Full time

    About the companyLexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success. Lexitas offers an array of services including local and national court reporting, medical record retrieval, process...


  • New Delhi, India Lexitas Full time

    About the company Lexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success. Lexitas offers an array of services including local and national court reporting, medical record retrieval, process...