
Marks and Spencer Reliance India Private Limited

Senior Consultant - IT Security

This job is no longer accepting applications

  • Posted 2 months ago

Job Description

Key Deliverables (Essential Functions & Responsibilities of the Job):

  • Provide support as Lead Implementer for ISMS and PIMS policies, procedures, and guidelines, and ensure they are regularly reviewed and updated.
  • Gather evidence of continuous compliance with ISO 27001:2022 and ISO 27701:2019, DPDPA, IT Act and CERT-In regulations, including audit logs, records of reviews, and timely closure of open audits and risks, and share the report with management.
  • Conduct regular, documented information security and privacy risk assessments on Security Tools and Technologies by identifying assets, threats, vulnerabilities, likelihood, and impact.
  • Prioritize identified vulnerabilities and drive them towards closure with stakeholders, providing detailed findings, remediation recommendations, and trend reports on vulnerability posture.
  • Implement a comprehensive, ongoing security project plan for remediation of open audit gaps.
  • Prepare regular reports on overall information security posture, GRC maturity, and risk landscape for relevant stakeholders.
  • Perform root cause analysis and capture lessons learned from information security incidents, actively participate in audits, and support internal IT staff in performing technical assessments and controls with evidence.

Key Relationships:

  • Internal IT and business customers in MSR,
  • Global/Local IT Vendor, market and global (HQ) colleagues,
  • IT vendors, contractors (where applicable).

Skills:

  • Must have ISO 27001 Lead Implementer and ISO 27701 Lead Implementer certifications.
  • In-depth understanding of the IT Act, DPDPA, CERT-In regulations, CIS Controls, as well as UK DPA and ISO 31000.
  • Good to have: CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional) and cloud security certifications (e.g., CCSK, CCSP, or vendor-specific such as AWS Security Specialty).
  • Familiarity with common vulnerability scanning tools like Qualys (features, reporting, agent-based vs. network scans) and Cloud Security Posture Management (CSPM) tools like Wiz (cloud service provider configurations, misconfigurations, compliance checks in AWS, Azure, GCP).
  • Conduct and lead IT DR drills and Tabletop exercises with internal IT teams.
  • Hands-on knowledge of common security technologies (e.g., firewalls, EDR, cloud security, VAPT tools, SIEM, WAF, DLP, PAM, BAS, encryption).
  • Ability to handle and manage Endpoint, Perimeter, Cloud and Data Security technical consoles, including configuration and fine-tuning of policies.

More Info


Job ID: 139455979