Senior Associate-Bangalore-Cloud+GRC

About Company:

BISPL is the India member firm of BDO International. BISPL offers strategic, operational, accounting, tax & regulatory advisory and assistance for both domestic and international organisations across a range of industries. We are led by more than 300 Partners & Directors with a team of over 8500 professionals operating across 12 cities Ahmedabad, Bengaluru, Chandigarh, Coimbatore, Chennai, Hyderabad, Goa, Kochi, Kolkata, Mumbai, New Delhi-Gurugram and Pune. We take pride in our service portfolio on the backing of a rich blend of experience and expertise, bringing to fore a work culture that is both client-centric and knowledge driven. Our focus on delivering exceptional client service is backed by a partner driven approach to offer tailor made solutions ensuring quality excellence & time efficiencies.

Roles & Responsibilities:

Perform cloud security audits and architecture reviews across AWS/Azure/GCP environments

Assess configurations, IAM, network security, and compliance against industry standards

Use CSPM tools to evaluate cloud security posture and identify risks

Conduct and support GRC and regulatory audits (RBI, SEBI, IRDAI, ISO 27001/22301/27701, NIST) Identify control gaps and provide actionable remediation recommendations Prepare audit reports and track closure of findings

Work on both internal audits and external consulting engagements

Collaborate with stakeholders and mentor junior team member

Educational Qualifications:

Bachelors degree in Law, Information Technology, Cybersecurity, Business, or a related field.

Privacy-related certifications (e.g., CIPP/E, CIPP/US, CIPM, CIPT, or equivalent). Skills & Competencies:

24 years in GRC, InfoSec, and cloud security

Hands-on experience in cloud security reviews and audits

Strong exposure to AWS/Azure/GCP

Experience with CSPM tools (e.g., Prisma Cloud, Wiz, Orca, Defender, Security Hub)

Knowledge of ISO, NIST, CIS frameworks and regulatory audits (RBI/SEBI/IRDAI)

Certifications preferred: AWS/Azure/GCP + CISA/CISM/ISO 27001 LA/CISSP

Strong analytical, reporting, and stakeholder communication skills.

Strong analytical, problem-solving, and critical-thinking skills with high attention to detail and ethical judgment.

Effective client advisory and stakeholder management capabilities.

Strong documentation, presentation, reporting, and communication skills.

Ability to manage multiple client engagements and meet competing deadlines.

Behavioural Attributes:

High level of confidentiality and discretion.

Ability to perform under pressure and manage multiple competing priorities.

Customer-service-oriented with a positive attitude.

Strong problem-solving skills and ability to work collaboratively in a team.