Risk Analyst

VicTree Solutions is hiring for a IT Risk & Audit Consultant for a client in Vashi, Navi Mumbai.

Job Title: IT Risk & Audit Consultant

Experience Required: 2-4 Years

Work Mode: Onsite only

Engagement Type: Full Time

Location: Navi Mumbai

Role:

The Consultant will work closely with client organizations to design, implement, and enhance their governance, risk, and compliance programs. The role focuses on enabling clients to achieve and sustain compliance with global standards such as ISO 27001, SOC 2, regulatory requirements (RBI, SEBI etc.) and successfully navigate regulatory audits, and strengthen their overall risk posture through structured assessments and advisory.

Educational Qualifications: BE-IT / B Tech /MBA or equivalent

Certifications:

• Bachelor's degree in Information Security, Computer Science, or a related field
• Certifications such as ISO 27001 Lead Auditor/Lead Implementer, CISA, CRISC, or CISSP
• Experience in a consulting, advisory, or professional services environment

Key Responsibilities:

1. Lead and support clients in achieving and maintaining ISO 27001 certification, including readiness
2. assessments, control implementation, documentation, and audit coordination.
3. Drive end-to-end SOC 2 (Type I & Type II) engagements, including scoping, control design, evidence management, and liaison with auditors.
4. Advise clients on regulatory compliance requirements (e.g., RBI, SEBI, data protection regulations), including control implementation, audit preparedness and response management.
5. Conduct gap assessments and maturity assessments against industry frameworks; develop prioritized remediation roadmaps aligned to business risk.
6. Perform enterprise risk assessments, helping clients identify, evaluate, and mitigate cybersecurity and compliance risks.
7. Develop and refine information security policies, standards, and governance frameworks tailored to client environments.
8. Act as a trusted advisor to client stakeholders, providing strategic guidance on improving security posture and compliance maturity.
9. Support clients during external audits and certifications, including evidence preparation,
10. walkthroughs, and audit responses.
11. Create assessment reports, client presentations and framework documents
12. Track and report risk, compliance status, and remediation progress to client leadership.
13. Stay current with evolving regulatory landscapes, threat trends, and industry best practices to provide proactive advisory.

Skills Required:

1. Strong consulting experience in ISO 27001, SOC 2, and regulatory compliance frameworks.
2. Proven ability to lead client engagements and manage multiple projects simultaneously.
3. Hands-on expertise in gap assessments, risk assessments, and control implementation.
4. Strong stakeholder management and communication skills, with the ability to engage senior leadership.
5. Ability to translate compliance requirements into practical, business-aligned solutions.
6. Excellent documentation and presentation skills.

Lets connect on LinkedIn - www.linkedin.com/in/aneeshkjain