Posting Description:
ARL- 7.2
Solution Line- Commercial Risk
Position type- Full Time
Work Location- Bangalore, Whitefield
Working style- Hybrid
Cab Facility- Yes
Shift Time – 12.30 PM to 9.30 PM
People Manager role- No
Required education and certifications critical for the role- Any Graduate or Post-Graduate (full time)
At Aon, we shape decisions for the better to protect and enrich the lives of people around the world.
As an organization, we are committed to our purpose as one firm, united through trust as one inclusive, diverse team and we are passionate about helping our colleagues and clients succeed.
We are seeking a motivated Cyber Security Consultant to support the global Digital M&A team. In this role, you will work closely with client-facing consulting teams to assess cybersecurity risks across M&A transactions and portfolio companies. Key responsibilities include performing cyber maturity assessments, conducting cyber technical control testing, and supporting cyber-M&A due diligence activities to identify risks, validate controls, and provide practical insights for deal and post-deal decision-making.
- Lead and perform pre-deal cyber due diligence for target companies, including high-level risk assessments of governance, controls, and technical posture to identify red flags and quantify cyber and IT risk exposure.
- Drive integration and remediation planning, translating Due Diligence findings into security roadmaps, 100-day plans, and longer-term value creation initiatives for portfolio companies.
- Assess targets and portfolio entities against leading frameworks (e.g., ISO 27001, NIST CSF, Cloud Security, OT, and GDPR) and highlight gaps that may affect deal value, compliance, or operational resilience.
- Evaluate, design, and recommend security controls (technical and process-based) across IT, cloud, and, where relevant, OT environments, with realistic implementation plans in a transaction context.
- Lead or contribute to security architecture reviews and cybersecurity reviews for acquisitions, carve-outs, and integrations, including network, identity, endpoint, and application architectures.
- Support and sometimes manage internal and client-facing cybersecurity reviews and Due Diligence workstreams (cyber and IT domain), including evidence gathering, issue validation, and remediation planning.
- Advise on and help implement secure configuration, secure SDLC practices, and application security measures that are critical for rapidly changing or newly acquired environments.
- Collaborate closely with deal teams and internal stakeholders to ensure security governance and compliance considerations are addressed.
- Stay current with evolving security frameworks, technologies, regulations, and M&A market practices, and help refine Cyber M&A methodologies as required.
- 7+ years of relevant experience in cybersecurity, with a strong focus on cyber and technical controls, ideally including exposure to M&A, transactions, or portfolio-level risk management.
- Hands-on experience applying security frameworks and standards (e.g., NIST, ISO 27K, cloud security, OT, CSF, and GDPR).
- Deep understanding of risk management, security governance, and compliance management, and how these influence deal structure and integration risk.
- Proven experience in security architecture review, secure configuration, and cybersecurity review across on-prem and cloud environments (AWS, Azure, or GCP).
- Familiarity with cloud security, secure SDLC, and application security practices, particularly for SaaS or digital platform targets.
- Strong knowledge of Identity and Access Management (IAM) and data protection techniques, and how to assess them efficiently in a Due Diligence context.
- Track record of supporting or leading cybersecurity review and regulatory compliance projects for complex or regulated organizations.
- Excellent written, verbal, and listening skills, with the ability to explain complex technical and risk issues clearly and concisely, and to collaborate effectively with global teams across the UK, EU, and USA.
- Good to have: relevant certifications (e.g., ISO 27001 Lead Implementer, CISA, CISM, CISSP, CompTIA Security+, AWS/Azure security certifications).
In addition to our comprehensive benefits package, we are proud to be an equal opportunity workforce. At Aon, we believe a diverse workforce is an innovative workforce. Our agile, inclusive environment allows colleagues to manage their wellbeing and work/life balance while empowering you to be your authentic self.
Furthermore, all colleagues enjoy two “Global Wellbeing Days” each year, encouraging them to take time to focus on themselves. We offer a variety of workstyle options through our Smart Working model, but we also recognize that flexibility goes beyond just the place of work... and we are all for it!
Our continuous learning culture inspires and equips colleagues to learn, share and grow, helping them achieve their fullest potential. As a result, Aon colleagues are more connected, more relevant and more valued.
Aon is dedicated to integrating sustainability into our core business practices. We strive to minimize our environmental impact through innovative solutions and responsible stewardship, ensuring a sustainable future for our clients and communities.