Associate - Security Consultant

• Information Security Assessments:
• Conduct comprehensive information security assessments in accordance with ISO 27001, GDPR, SOC 2 Type 2, CCPA, HIPAA, and other relevant standards.
• Ability to perform network architecture review
• Ability to perform system configuration review for OS (Win & Linux), Servers, DB, Routers / Switches and Firewalls
• Ability to perform firewall rules review and application code review
• Conduct Risk Management and ISMS audit for clients
• Conduct Business Impact Analysis and support clients in BCP - DR exercise
• Develop and maintain audit checklist and documents
• Design ISMS framework based on ISO 27001
• Develop and Maintain Document Management System : Policies, Procedures and Records
• Co-ordinate with internal Engineering Team ( VAPT team) for Vulnerability Analysis and Penetration Testing Activities.
• Conduct Security Awareness Training sessions for clients and the internal team
• Prepare detailed assessment reports, including findings, analysis, and recommendations.
• Stay up-to-date with the latest developments in information security and ISO 27001 standards.

Requirements

Qualifications:

• Bachelor's degree in Information Security, Computer Science, or a related field.
• ISO 27001 Lead Auditor or Lead Implementer certification is highly desirable.
• 3 to 4 years of experience in information security assessments and ISO 27001 compliance.
• Experience in IT Security and Infrastructure audits
• Proficiency with cloud platform (Azure, AWS, GCP).
• Strong understanding of information security principles, practices, and frameworks.
• Excellent analytical and problem-solving skills.
• Strong written and verbal communication skills.
• Ability to work independently and as part of a team.

Preferred Skills:

• Experience with other information security standards and frameworks (e.g., NIST, COBIT, PCI-DSS).
• Proven ability to conduct ISMS audit independently
• Must possess good knowledge of networking, different flavours of operating system, endpoint devices and security devices
• Basic knowledge of different compliance standards such as PCI DSS, HIPAA, GDPR, CCPA.
• Payment Card Industry Standards PCI DSS , knowledge and implementation skill is an advantage.
• Knowledge of risk management methodologies.
• Familiarity with security incident response and management.
• Project management experience.

Benefits

What We Offer:

• Competitive salary and benefits
• Medical Insurance
• Parental Support - Maternity cover
• Retirement Benefits - PF Contribution
• Opportunities for professional growth
• Collaborative and inclusive work environment
• Flexible working hours.