Role Summary:
The role involves leading and executing cybersecurity, privacy, and governance engagements across multiple domains including ISO frameworks, regulatory compliance (RBI, SEBI, IRDAI), and third-party risk. The candidate will assess, design, and implement information security controls aligned with global standards and client needs.
---
Key Responsibilities
Cybersecurity Governance & Risk
· Lead ITGC, cybersecurity, privacy, and third-party risk audits end-to-end.
· Define and enhance governance, risk, and compliance frameworks.
· Ensure alignment with regulatory and industry standards (RBI, SEBI, IRDAI, GDPR, ISO 27001).
· Conduct cybersecurity gap and risk assessments to identify control weaknesses and mitigate threats.
· Design, develop, and maintain information security frameworks aligned to ISO 27001 and other global standards.
· Perform maturity assessments and assist in developing cybersecurity strategies and roadmaps.
· Lead engagements across cybersecurity domains — including NIST, BCP, ISO 27001, SSAE18, ISAE3402, and SOC 2.
Privacy & Compliance
· Develop and review privacy frameworks and processes aligned with GDPR and GAPP.
· Conduct assessments for data privacy and business continuity compliance.
· Ensure adherence to regulatory requirements across BFSI regulators (RBI, SEBI, IRDAI, etc.).
· Conduct SEBI-mandated CSCRF and System Audits, ensuring compliance with cybersecurity framework requirements for intermediaries.
· Conduct outsourcing governance framework assessments as per RBI and SEBI guidelines, including risk evaluation, vendor due diligence, and control testing.
· Perform System and Application Audits covering ITGC, cybersecurity controls, and data integrity validation.
· Lead compliance reviews under RBI’s Cybersecurity Framework, IRDAI Information & Cyber Security Guidelines, and other regulatory circulars.
· Assist in preparing clients for regulatory inspections, submissions, and board-level reporting.
Consulting & Client Delivery
· Manage end-to-end client engagements, including planning, execution, and reporting.
· Participate in proposal development, client presentations, and thought leadership initiatives.
· Support clients in strengthening cybersecurity posture and implementing effective risk mitigation measures.
Leadership & Collaboration
· Lead project teams and ensure high-quality deliverables.
· Coordinate with cross-functional teams to drive compliance and cybersecurity initiatives.
· Mentor junior consultants and support internal capability development.
---
Skills & Experience
· Strong understanding of cybersecurity, IT governance, and technology risk management.
· Hands-on experience in ISO 27001, ISO 42001, ISO 22301, ISO 27701 frameworks and regulatory audits.
· Exposure to third-party risk management and business continuity planning.
· Excellent communication, problem-solving, and stakeholder management skills.
· Consulting experience preferred.
---
Qualifications
· Certifications (Preferred): ISO 27001 LA, ISO 22301, ISO 27701, CISSP, CISA.
· Experience: 3–5 years in cybersecurity, governance, risk, or compliance domains.
· Availability: Immediate joiners preferred.
Pay: ₹500,000.00 - ₹800,000.00 per year
Work Location: In person