Deputy Manager | Cyber Strategy & Transformation | ISMS & GRC

JD-DM-Delhi
Working knowledge in one or more security and privacy domains such as: security governance policies and procedures, risk management, compliance, access control, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection_x000d_
Experience in leveraging industry standards and frameworks such as ISO/IEC 17799, ISO/IEC 27001, COBIT, ITIL, etc._x000d_
Demonstrates in-depth knowledge of security and privacy controls and risk management process_x000d_
Experience in data protection technologies such as encryption, data discovery, data masking, data redaction, etc._x000d_
Possesses certifications such as ISO27001 LA/ LI, ISO22301 LA/LI, CISSP, CISA, CISM certification- preferred
The key skills required are as follows:_x000d_
Responsible for ISO 27001 based Information Security Management System implementation and sustenance_x000d_
Responsible for advising clients on Business Continuity Planning, IT Disaster Recovery planning_x000d_
Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk_x000d_
Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling_x000d_
Responsible to assist client in developing information assets inventory and classification
Responsible for conducting clients vendors risk assessment and providing a holistic view of clients risk exposure due to outsourcing_x000d_
Responsible for advising and assisting clients to develop and implement Information classification framework_x000d_
Conduct Information Systems audits covering IT infrastructure assets_x000d_
Advice clients on data privacy, data leakage prevention, identity and access management_x000d_
Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions_x000d_
Demonstrates ability to work independently on projects with limited supervision_x000d_
Demonstrates understanding of complex business and information technology management processes_x000d_
Demonstrates working knowledge of firm tools and methodologies that may be suitable for the engagement_x000d_
Manages day-to-day client relationships at mid and lower levels._x000d_
Participates in proposal development efforts to sell "add-on" work to clients_x000d_
Identifies opportunities to improve engagement economics_x000d_
Plays substantive role in designing and implementing business development plan for the service line_x000d_
Plays substantive/lead role in retention of professionals and in building staff complement, mix, and recruiting_x000d_
Undertakes initiatives in people and practice development