Loading
I
Security Consultant - GRC
IBMIndia6+ years
Apply A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences. We are seeking a highly motivated and experienced Cyber Security Consultant specializing in Governance, Risk, and Compliance (GRC), Information Security, and Cyber Risk Management. The candidate will be responsible for delivering cybersecurity consulting engagements, conducting security assessments, implementing governance frameworks, supporting regulatory compliance initiatives, and advising clients across Banking, Financial Services, Insurance (BFSI), NBFC, FinTech, and other regulated sectors. The ideal candidate should possess strong expertise in cybersecurity governance, risk management, regulatory compliance, security frameworks, and stakeholder management.
Key Responsibilities: • Perform Cyber Security Governance, Risk, and Compliance assessments. • Develop and maintain Information Security Policies, Standards, Procedures, and Guidelines. • Establish and manage enterprise cyber risk registers. • Conduct cyber risk assessments and risk treatment planning. • Define and monitor cybersecurity KPIs, KRIs, and management dashboards. • Support implementation of Governance frameworks aligned to industry best practices. • Assess compliance against RBI Cyber Security Framework, RBI Master Directions, Digital Lending Guidelines, Outsourcing Guidelines, and applicable regulatory requirements. • Support compliance initiatives related to: • RBI Regulations • DPDPA 2023 • CERT-In Directions • ISO 27001 • NIST CSF 2.0 • PCI DSS • SEBI / IRDAI regulations • Conduct compliance gap assessments and remediation tracking. • Maintain documentation for regulatory audits, Continuous compliance monitoring & control testing • Perform Information Security Maturity Assessments. • Support ISMS implementation and certification initiatives. • Conduct policy reviews and security governance assessments. • Review security control effectiveness and compliance status. • Develop management and Board-level cybersecurity reports. • Conduct cybersecurity assessments and control reviews. • Support internal audits, external audits, and regulatory inspections. • Review vulnerability assessment and penetration testing findings. • Track audit observations and remediation activities. • Perform security posture and maturity assessments. Frameworks & Standards Strong working knowledge of: • NIST Cybersecurity Framework (CSF 2.0), ISO/IEC 27001:2022, COBIT, CIS Controls, PCI DSS, RBI Cyber Security Framework, DPDPA 2023, CERT-In Directions Soft Skills • Excellent communication and presentation skills • Strong report-writing and documentation skills • Stakeholder management capabilities • Analytical and problem-solving skills Ability to independently manage consulting engagements 6+ years of experience in Cyber Security, Information Security, GRC, Risk Management, Compliance, or Security Consulting. • Experience working with BFSI, NBFC, Banking, Insurance, or FinTech clients. • Experience conducting cybersecurity assessments and regulatory compliance reviews. Relevant certification require CISM, CISA, CISSP, ISO27001 LA/LI, India Consulting Professional Mumbai, IN