As Cyber Security Analyst, you will be required to work & collaborate with our client IS / Cyber Security teams to understand their cyber security systems, architecture, processes, etc., and recommend necessary changes & implement enhanced Information Security systems either within organisation or at the client systems.
Roles & Responsibilities:
- Responsible for executing day to day firm wide cyber security risk, compliance, and assurance activities.
- Drive implementation of the cyber security projects and assessments in the areas of governance and risk
- Collaborate with internal and external stakeholders assessing cyber security controls. Support the collection of any necessary evidence, coordination of walkthroughs / meetings, and any needed logistics to facilitate the assessment / audit effort.
- Provide support for internal and external audits related to cybersecurity compliance.
- Assist in the remediation of audit findings and implementation of corrective actions.
- Conducting and managing third-party risk assessments to evaluate our products and infrastructure to manage information risks and protect company data.
Qualifications:
- Bachelor's degree in Information Technology or a related field
- 7-10 years of experience in cyber security audit and/ or compliance. Leading internal/external cyber security audit assessments
- Strong implementation or assessment experience of ISO27001 / NIST Cyber Security Framework standards and requirements.
- Proven track record and experience in executing information security-related projects in a global company
- Experience in supporting cyber security audits by internal audit or other third parties (i.e., ISO 27001, ISO 27017 (Cloud Security)).
- Experience with infrastructure operations and processes associated with IT service management in an enterprise-level organization; Should have good understanding of Security concepts like SOC2, SOX, GDPR/PCI, etc.,
- Excellent analytical and problem-solving skills.
- Experience presenting to large audiences. Very good oral and written communication and collaboration skills, with the ability to engage with both technical and non-technical stakeholders
- Proficiency in using cybersecurity tools and technologies
- Preferred Certifications: ISO27001 Lead Implementor and Auditor, CISA, CISSP, CISM, CRISC and SANS GIAC.
- Note: Looking for candidates who can join within max 30 days
