
Information Security Consultant-2
20 hours ago
The Information Security Consultant will support planning, execution, and reporting of operational and system IT internal controls and risk management within the company. This role will act as a point of contact for Cybersecurity Governance, Risk, and Compliance . The role will work closely with the Technology functional teams and internal business lines in the day-to-day operational delivery of the overall Cybersecurity Compliance program.
Teaming with the Cybersecurity Compliance Manager, the Information Security Consultant will:
- Monitor changes in business processes, information systems, management and operations, and accordingly maintain an assessment to risk.
- Build and maintain productive relationships with process owners.
- Through effective leadership, ensure audits of control effectiveness and design and other projects are completed in an efficient manner, and within established deadlines.
- Through the effective review of department work, ensure that the assessments of internal control structure related to processes audited are supported through sufficient and adequately documented evidence.
- Continually evaluate the efficiency and effectiveness of the internal controls and department functions, and identify areas of improvement.
- Assist with internal investigations.
- Promote good practice of Information Security Compliance to staff and associated contractors.
- Provide direct and specific guidance to the department internal control process owners as appropriate for each process owner of the department and the work being performed.
- Perform risk assessments related to controls in scope for work being performed.
Responsibilities
- Maintain awareness of current compliance, audit professional standards and any associated legislation changes, and apply where appropriate to the internal IT controls and audit function.
- Maintain awareness of current issues and significant changes within the business environment and business processes.
- Periodically determine the need for revisions to control processes.
- Demonstrate effective interaction with all levels of management and business partners.
- Review specific control risk assessments to ensure efficiency and effectiveness in addressing key risks associated with the respective auditable entity or entities.
- Review risk questionnaire submissions to identify key risks associated with the respective vendorservice and work with stakeholders to mitigate and advise.
- Ensure that appropriate communication has been made in advance with compliance and internal process & service owners regarding the timing and logistics of each audit and review.
- Anticipate problems and obstacles to the timely and efficient completion of audits and compliance reviews. Recommend solutions to anticipated and incurred problems and obstacles impeding the timely completion of such audit and reviews.
- Through an understanding of internal controls, standards and applicable policies, procedures, and country regulations, review evidence to ensure the assessment of the effectiveness and efficiency of internal controls is adequate and sufficiently supported and documented, and the departmental and professional standards are adequately upheld.
- Ensure issues and exceptions are fully identified and properly defined, and recommendations are adequately formulated to address the root cause of identified issues in a beneficial manner.
- Ensure issues and recommendations are adequately and effectively communicated to owners on a proactive basis during the course of each audit or review.
- Review final process owners responses for adequacy and completeness.
- Ensure appropriate and timely follow-up audit work is performed to properly update the status of outstanding reported issues, and adequate communication is provided to management on a proactive basis.
- Use the firms various methods of internal communication to direct colleagues and the wider organization to current, new policies and essential compliance information.
Experience & Education
- Experience in evaluating third parties for the presence of fundamental information security controls.
- College diploma or university degree in the field of computer science, information systems, or computer engineering
- Exposure to any GRC technologies to perform risk management.
- Good understanding of compliance standards/framework like ISO 27001/27002, NIST, SOC1, SSAE16/SOC2, CIS.
- Knowledge of technical domains such as network security , cloud security , application security and penetration test concepts.
- Experience in conducting risk assessments and applying concept of inherent and residual risk in order to draw appropriate conclusion and articulate the same to non-technical audiences.
- Minimum of 4 years IT experience; or equivalent combination of education and experience
- Minimum of 4 years experience of contributing to the success of a range of midsize-to-large multi-country initiatives.
- Experience in designing and managing compliance and risk management controls and processes in day to day IT operations and projects.
- Experience in undertaking and reporting on internal audits of IT operations, applications and projects.
- Experience working in the corporate sectors (financial services, telecommunications or utilities)
- Experience working in real estate services industry
Technical Skills & Competencies
- High level of written and oral English communication skills.
- High level of analytical, conceptual, and problem-solving abilities.
- Affable, credible and can communicate effectively with clients and colleagues.
- Good research skills and the ability to manage details
- Ability to present ideas in user-friendly language.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Team player with experience working in a team-oriented, collaborative environment
- Quality focused and highly flexible
- Thinks ahead and anticipate problems, issues and solutions
- Certified Information Systems Auditor (CISA)
- Information Technology Infrastructure Library (ITIL) Foundation
-
Information Security Consultant
1 day ago
Bengaluru, Karnataka, India Scrut Automation Full timeJob Description: Information Security ManagerRole DetailsPosition: Information Security ManagerLocation: BangaloreAbout SCRUT AutomatScrut Automation is a one-stop shop for infosec compliance. It supports IT/ITES/SaaS companies in automating their information security compliance tasks and reduces manual work in maintaining compliance by ~70%. Founded by...
-
Cyber Security Consultant
1 day ago
Bengaluru, Karnataka, India Soffit Infrastructure Services (P) Ltd Full timeThe Information Security Consultant will be responsible for the implementation, assessment, and management of ISO 27001:2022, ISO 27002, and SOC 2 standards for clients. This role involves working independently or alongside senior consultants to help clients achieve and maintain information security compliance and other best practices. The consultant will...
-
Information Security Coordinator
2 weeks ago
Bengaluru, Karnataka, India Westernacher Consulting Full time US$ 90,000 - US$ 1,20,000 per yearIf you're looking for an exciting opportunity to work with a team of talented colleagues who enjoy both work and life.Westernacher is the perfect place. We are seeking an Information Security coordinator for our growing team in India. Your ResponsibilitiesTake on a role of our global Information Security Team within the Global Compliance area, supporting...
-
Senior Information Security Technical Consultant
3 weeks ago
Bengaluru, Karnataka, India Gateway Search Full timeWe are hiring for a tech client in Bangalore for Information Security Technical Consultant having 8 to 12 years of experience in Firewalls (Cisco Asa, Check Point) ,IPS( Cisco),file Integrity Monitoring(Tripwire, Trend Micro Deep Security),SIEM, Web Application Firewalls( Imperva), Next-Generation Firewalls ( Palo Alto Networks, Cisco FTD), Security...
-
Information Security Analyst
4 days ago
Bengaluru, Karnataka, India Exotel Techcom Pvt Ltd Full time ₹ 6,00,000 - ₹ 10,00,000 per yearAbout Us:Exotel is the emerging market's leading full-stack customer engagement platform and business-focused virtual telecom operator. Incorporated in 2011, Exotel's cloud-based product suite powers 50 million daily engagements across voice, video and messaging channels. Exotel powers unified customer engagement to over 6000 companies in 60+ countries,...
-
Head of Information Security
1 week ago
Bengaluru, Karnataka, India Pixis Full timeAbout us:Pixis is a US-based codeless technology company that develops accessible AI to empower brands to scale their performance marketing efforts and augment their decision-making seamlessly. Since its inception, Pixis has been on a mission to develop powerful AI infrastructure that equips marketers across countries with robust plug-and-play AI products,...
-
Information Security Engineer
1 day ago
Bengaluru, Karnataka, India beBeeCybersecurity Full time ₹ 15,00,000 - ₹ 20,00,000Information Security Engineer PositionThis position is open for a highly skilled Information Security Engineer to join our organization. As an Information Security Engineer, you will play a critical role in ensuring the security and integrity of our IT infrastructure.Main Responsibilities:Design, implement, and manage security controls to prevent and detect...
-
Information Security Compliance Administrator
2 weeks ago
Bengaluru, Karnataka, India BPM LLP Full time ₹ 9,00,000 - ₹ 12,00,000 per yearBPM Overview: What does BPM stand for? Innovation, opportunity, community, diversity, inclusivity, flexibility and so much more. B-P-M stands for "Because People Matter," because at our core, our people drive everything we do and how we do it.We are a forward-thinking, full-service accounting firm providing modern solutions to businesses across the globe....
-
Bengaluru, Karnataka, India Gateway Search Full timeWe are hiring for a tech client in Bangalore for Information Security Technical Consultant having 8 to 12 years of experience in Firewalls (Cisco Asa, Check Point) ,IPS( Cisco),file Integrity Monitoring(Tripwire, Trend Micro Deep Security),SIEM, Web Application Firewalls( Imperva), Next-Generation Firewalls ( Palo Alto Networks, Cisco FTD), Security...
-
Head of Information Security
3 weeks ago
Bengaluru, Karnataka, India Pixis Full timeJob DescriptionAbout us:Pixis is a US-based codeless technology company that develops accessible AI to empower brands to scale their performance marketing efforts and augment their decision-making seamlessly. Since its inception, Pixis has been on a mission to develop powerful AI infrastructure that equips marketers across countries with robust plug-and-play...