IND IT Sr. Specialist - Information Security

Job Title-IND IT Sr. Specialist - Information Security

ARL- 7.2

Solution Line-Commercial Risk

Position type- Full Time

Work Location-Bangalore, Whitefield

Working style-Hybrid

Cab Facility-Yes

Shift Time -12.30 PM to 9.30 PM

People Manager role-No

Required education and certifications critical for the role-Any Graduate or Post-Graduate (full time)

Aon is in the business of better decisions

At Aon, we shape decisions for the better to protect and enrich the lives of people around the world.

As an organization, we are committed to our purpose as one firm, united through trust as one inclusive, diverse team and we are passionate about helping our colleagues and clients succeed.

Information about business

We are seeking a motivated Cyber Security Consultant to support the global Digital M&A team. In this role, you will work closely with client-facing consulting teams to assess cybersecurity risks across M&A transactions and portfolio companies. Key responsibilities include performing cyber maturity assessments, conducting cyber technical control testing, and supporting cyber-M&A due diligence activities to identify risks, validate controls, and provide practical insights for deal and post-deal decision-making.

Job responsibilities

• Lead and perform pre deal cyber due diligence for target companies, including high level risk assessments of governance, controls, and technical posture to identify red flags and quantify cyber and IT risk exposure.
• Drive integration and remediation planning, translating Due Diligence findings into security roadmaps, 100-day plans, and longer-term value creation initiatives for portfolio companies.
• Assess targets and portfolio entities against leading frameworks (e.g., ISO 27001, NIST CSF, Cloud Security, OT, and GDPR etc.) and highlight gaps that may affect deal value, compliance, or operational resilience.
• Evaluate, design, and recommend security controls (technical and process based) across IT, cloud, and, where relevant, OT environments, with realistic implementation plans in a transaction context.
• Lead or contribute to security architecturereviewsand cybersecurity reviews for acquisitions, carve out, and integrations, including network, identity, endpoint, and application architectures.
• Support and sometimes manage internal and clients facing cybersecurity reviews andDue Diligence workstreams,(cyber and IT domain) including evidence gathering, issue validation, and remediation planning.
• Advise on and help implement secure configuration, secure SDLC practices, and application security measures that are critical for rapidly changing or newly acquired environments.
• Collaborate closely with deal teams, and internal stakeholders to ensure security governance and compliance considerations.
• Stay current with evolving security frameworks, technologies, regulations, and M&A market practices, and help refine Cyber M&A methodologies as required.

Skills/competitive skills required

• 7+ years of experience (relevant) in cybersecurity, with a strong focus on cyber and technical controls, ideally including exposure toM&A,transactions, or portfolio level risk management.
• Hands-on experience applying security frameworks and standards (e.g.,NIST, ISO 27K, cloud security, OT, CSF, and GDPR etc.).
• Deep understanding of risk management, security governance, and compliance management, and how these influence deal structure, and integration risk.
• Proven experience in security architecture review, secure configuration, and Cybersecurity review across prem and cloud environments (AWS, Azure, or GCP).
• Familiarity with cloud security, secure SDLC, and application security practices, particularly for SaaS or digital platform targets.
• Strong knowledge of Identity and Access Management (IAM) and data protection techniques, and how to assess them efficiently in a Due Diligence context.
• Track record of supporting or leading cybersecurity review and regulatory compliance projects for complex or regulated organizations.
• Excellent written, verbal, and listening skills, with the ability to explain complex technical and risk issues clearly and concisely, and to collaborate effectively with global teams across the UK, EU, and USA.
• Good to have relevantcertifications(e.g., ISO 27001 Lead Implementer, CISA, CISM, CISSP, CompTIA Security+, AWS/Azure security certifications

How we support our colleagues

In addition to our comprehensive benefits package, we are proud to be an equal opportunity workforce. At Aon, we believe a diverse workforce is an innovative workforce. Our agile, inclusive environment allows colleagues to manage their wellbeing and work/life balance while empowering you to be your authentic self.

Furthermore, all colleagues enjoy two Global Wellbeing Days each year, encouraging them to take time to focus on themselves. We offer a variety of workstyle options through our Smart Working model, but we also recognize that flexibility goes beyond just the place of work... and we are all for it!

Our continuous learning culture inspires and equips colleagues to learn, share and grow, helping them achieve their fullest potential. As a result, Aon colleagues are more connected, more relevant and more valued.

Commitment to sustainability

Aon is dedicated to integrating sustainability into our core business practices. We strive to minimize our environmental impact through innovative solutions and responsible stewardship, ensuring a sustainable future for our clients and communities.

#li-cs1