About Grant Thornton:
Grant Thornton is collaborative, entrepreneurial and on the move. As part of a dynamic global organization of 62,000 people serving clients in more than 135 countries, we have the agility and focus it takes to be a leader. Founded in Chicago in 1924, Grant Thornton LLP (Grant Thornton) is the U.S. member firm of Grant Thornton International Ltd., one of the world’s leading organizations of independent audit, tax and advisory firms. Grant Thornton has revenues in excess of $1.87 billion and operates 58 offices across the U.S., with 623 partners and 10,000+ employees in the United States and at our Shared Services Center in Bangalore and Kolkata, India.
About GT INDUS:
GT INDUS is the in-house offshore center for GT US. Situated in Bangalore, GT INDUS has over 2000 professionals in Tax, Audit, Advisory, Client Services, and Enabling functions. Empowered people, bold leadership and distinctive client service are the foundation of the culture at GT INDUS. A transparent, competitive, and excellence-driven firm that offers an opportunity to be part of something significant. Driven, young professionals at GT INDUS serve communities through inspirational and generous services to give back to their communities. There is no limit on the type of work a GT INDUS audit professional can perform, nor is there any limit on the engagement integration with GT INDUS. GT INDUS audit professionals will have the opportunity to work on audit engagements from beginning to end. Visit the website for more:
About Cyber Risk Advisory
Grant Thornton's Cybersecurity & Privacy Advisory practice provides risk management consulting and advisory services to the clients. Cybersecurity & Privacy Advisory practice offers an excellent opportunity to leverage your information security consulting knowledge and experience to broaden your business and project management skills in a rewarding and challenging environment. Cyber Risk team is responsible for delivering a full range of services to clients and all phases of project and engagement management for multiple clients. Responsibilities include engagement planning, directing, and completion of Security Framework assessment, GRC Management using tools like ServiceNow, RSA Archer, Third Party Risk Assessment, and Information Security architectural design; should have basic knowledge on Privacy regulations such as GDPR, CCPA; developing and supervising other Grant Thornton engagement staff; assisting in assigned client management and practice development activities.
Location: Kolkata, India | Bangalore, India
- Working knowledge of cybersecurity industry best practices and guidance, including NIST Cybersecurity Framework, OWASP, CIS Critical Security Controls, ISO 27001/2.
- Understanding of TCP/IP protocol suite. (i.e. TCP, SMTP, DNS, HTTP, etc.)
- Experience in project management and the ability to clearly communicate security technology issues verbally on both a formal and informal basis to all levels of client staff.
- Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships.
- Ability to work additional or irregular hours based on client requirements.
- Experience with the secure configuration of various infrastructure platforms and devices such as Microsoft Windows, Unix / Linux, and common network devices (routers, switches, firewalls).
- Documentation of technical testing and assessment results in a formal report format.
- Excellent analytical and organization skills
- Ability to manage multiple client engagements and competing priorities in a rapidly growing, fast paced, interactive, results based team environment.
- Ability to work additional hours as needed and travel on a regular basis to clients as required.
- Experience with the secure configuration of various infrastructure platforms and devices such as Microsoft Windows, Unix / Linux, and common network devices (routers, switches, firewalls).
- Ability to work well independently or with a team.
- Experience troubleshooting common IT challenges.
- Experience with intrusion detection systems, firewalls, email/web content filtering, DLP, UBA/UEBA, VPN, and other common security technologies.
- Expertise in designing secure networks, systems and application architectures
- Disaster recovery, computer forensic tools, technologies and methods
- Planning, researching and developing security policies, standards and procedures
- System administration, supporting multiple platforms and applications
- Expertise with mobile code and malicious code
- Assessing, designing and implementing end-point security solutions and platforms. Hands-on working experience with relevant enterprise technology (E.g. CrowdStrike, Exabeam, Carbon Black, etc)
- Demonstrated experience in one or more Cloud Security tools
- Vulnerability assessments, network penetration tests, wireless security assessments, web application security assessments, and social engineering activities.
- Familiarity with threat and vulnerability management solutions
- Endpoint security solutions, including file integrity monitoring and data loss prevention
- AWS and cloud platform as a service (PaaS) security
- Knowledge of risk assessment tools, technologies, and methods