2,517 Cyber Risk Management jobs in India

Talworx is hiring!

Our client in India, a professional services firm, is the Indian member firm affiliated. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. Our client has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai,

Noida, Pune, Vadodara, and Vijayawada.

Our client in India offers services to national and international clients in India across sectors. We strive to

provide rapid, performance-based, industry-focussed and technology-enabled services, which reflect a

shared knowledge of global and local industries and our experience of the Indian business environment.

Our professionals provide the experience to help companies stay on track and deal with risks that could

unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth,

quality and operational challenges and working in partnership with us.

Requirements

Roles & Responsibility:

• Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital

infrastructure, systems, and security controls.

• Collaborate with cross-functional teams to gather essential information and data required for

comprehensive risk assessments.

• Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide

actionable recommendations for risk mitigation.

• Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the

effectiveness of risk assessments.

• Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients

and internal stakeholders.

• Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity

risk management strategies.

• Mentor and support junior team members to foster their professional growth and skills in cyber risk

assessments.

Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or related

fields.

• A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related

security assessments.

• Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/2000 LI/LA or

equivalent are highly valued.

• Profound knowledge of cybersecurity frameworks, industry standards, and best practices.

• Proficiency in using various security assessment and techniques.

• Strong analytical and problem-solving skills, with the ability to think critically and strategically.

• Excellent communication and presentation skills, capable of effectively communicating technical

concepts to both technical and non-technical audiences.

• Demonstrated experience in project management and handling multiple assessments simultaneously.

• A proactive and self-motivated approach to work, with a commitment to continuous learning and

professional development.

• Network Security, infrastructure assessment and network architecture design review.

• Conceptual knowledge of OT Security/ISA 62443 standard is preferable.

>> CRITERIA

o Education 60% above throughout academics

o One 3 years (at least) regular course is must either Diploma or Graduation

o Course: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalent

o Certification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/2000 LI/LA (At least

one)

o CCNA (Mandatory), CCNP or equivalent(optional).

>> COMPENSATION

O Compensation is competitive with industry standards

o Details of the compensation breakup will be shared with short-listed candidates only

Benefits

Work with one of the Big 4's in India

Healthy work Environment

Work Life Balance

IT Advisory Risk Consulting—IT Audit & Assurance 

Our client’s IT Advisory – Risk Consulting team is looking for Associate Consultants/ Consultants/ Assistant Managers to join their IT Audit & Assurance team in Bengaluru. Team provides Independent assurance on controls in place across client’s IT environment and ways to mitigate Technology risks. 

Following are some of our key solution offerings

• Risk Based IT Internal Audit
• IT SOX 404 Controls Testing, Quality Assurance
• Internal Financial Controls related to IT General Controls 
• IT General Controls as part of Financial Statements Audits
• IT Risk & Control Self-Assessment 
• Business Systems Controls / IT Application Controls 
• Auditing Emerging Technologies such as Cloud Security, Intelligent Automation, RPA, IoT etc.
• IT Attestation (SOC1/SOC2/ISAE 3402, ISAE 3000 etc.)
• Third Party/Vendor Risk Assessments 

Position: Associate Consultants/ Consultants/ Assistant Managers

Location: Bengaluru  

Requirements

Industry Experience:

• Plan, budget and execute the day-to-day activities of infrastructure audit engagements for clients
• Assess client's security landscape, assess, evaluate and recommend most suitable security solution, tools & techniques to create a threat resilient landscape using our client's differentiated approach and methodologies. Provide security concept, framework & standards for development & support client teams for the solution design, customization build and roll out to end users. 
• Perform a holistic security risk assessment of the client’s IT landscape taking various assets, threats, vulnerabilities, business impact & legal aspects into consideration. Designing and implementing controls to mitigate identified risks by lucid communication to client stakeholders. Effective persuasive/convincing abilities while communicating gaps detected during audits, risk assessments, attestation engagements.   
• Collaborate with other practice groups to review the effects of new threats and vulnerabilities in the security space to assess, remediate, test and protect client application artefacts, data and enterprise ecosystems from threat vectors as they emerge. 
• Work with other technology groups to provide cohesive solutions in Risk assessments, Financial statement audits, Attestation engagements encompassing network architecture, application, database, , standards and implementation related mandates for development, deployment and maintenance. 
• Manage teams delivering co-working discovery workshops & support delivery teams to provide assessment, remediation, testing and standards refresh for the application security practice. 
• Present and distill complex Security solutions into simple, easy to understand concepts for both technical and non-technical audiences especially in the context of opportunity pursuit. 
• Drive Innovation through Offerings: — Drive profitable growth through the execution of the strategy and the strengthening of the audit and assurance practice 
• Building innovative & collaborative solutions to bring combined offerings such as security related combinations with J2C, API, Data security as advisory & execution footprint to capture opportunities & illustrate convergence 
• Bring the audit and assurance practice to life to achieve sales and commercial opportunities in a collaborative ecosystem and follow through with support for cost effective high quality execution. 

Additional Responsibilities for Assistant Managers:

• Supervise associates and interns on engagements
• Serve as a liaison between financial services clients and upper management
• Establish and sustain long-term profitable client relationships that drive value creation, delivery excellence and a positive client work environment
• Works with the client to minimize delivery disruptions and effectively manages client urgencies.
  Qualifications
• Engineering / MBAs with atleast 6+ years of experience 
• 3+ years of experience with hands on exposure to Infrastructure / Mobile/ Web application security spanning across various technologies. 
• Working level familiarity of advanced security assessment concepts, including but not limited to –, Malware analysis, OT/ICS security, Cloud security, security in IoT, Blockchain, RPA and emerging technologies, etc. 
• Working level familiarity with Static and Dynamic Analysis tools (SAST, DAST, IAST). Ability to manage deployment & use of OWASP tools and methodologies. 
• Ability to elucidate vulnerabilities and weaknesses in the OWASP Top10,WASCTCv2, SANS Top-25 and CWE25 to client IT/ISO audiences and discuss effective defensive techniques. 
• Comprehensive understanding and previous oversight of IT hardware, software, networking, databases, API services, J2C storage, licensing and related hosting needs.
• Infrastructural configuration reviews to identify the security related gaps within the IT environment
• Preference would be given to significant experience in relevant technical knowledge: (a) financial statement – IT  Audits; (b) IT internal or IT operations audits; (c) IT SOX engagements (d) Emerging Technology Risks (e) Data Privacy and PCI-DSS risks
• Good to have, add on skills - Working level familiarity with relevant vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint or any other open source tools). Working level familiarity with web application vulnerability scanning tools (e.g. IBM AppScan, HP Fortify, Accunetix, NTO Spider, Burpsuite Pro or any other open source tools), SIEM tools (SolarWinds, Splunk, LogRhythm, IBM QRadar) 
• Ability to understand/identify best practices for infrastructure process and controls.
• CISA, CISM, CISSP, CRISC, TOGAF certifications would be an added advantage
• Prior experience in client facing / account management roles
• Possess strong domain knowledge, understanding of IT processes supporting business and possible risks in operations of at least two industry sectors
• Demonstrate integrity, values, principles, and work ethic and lead by example

Benefits

Work with one of the Big 4's in India

Healthy work Environment

Work Life Balance