Director - Cyber Security

Our client is looking for experienced person with ability to develop and lead the practice in assigned region (North or South). In this role you would be leading the business and delivery for the region.

You are best fit you good consulting experience and have managed worked closely with Senior/Mid level stakeholders with clients

In the role you will responsible for :

Regional client base building

- Build client base in the manufacturing, ITES and service sector for the following services

Cyber security assessments

Data privacy assessment

ISO 27001 audits and implementations

IT Audits

Vulnerability Assessments and Penetration Testing

Sales Process Management

- Track the internet for RFP opportunities

- Conceptualize business proposals to be made

- Carry out and track RFP submissions

- Carry out internal risk clearance and management processes for client

- Assist leadership in research and writing technical white papers

Project Management

- Independently lead client opening, interim and closing

- Creation of project codes for time charging and expenses

- Invoicing support

- Build project presentations and audit reports

- Discussions of draft audit report for stakeholder buys in (in case of audit assignment)

Regional Service Delivery ownership in the following areas:

Regulatory Framework driven reviews:

SEBI audits

IRDA gap audits

RBI guideline audits (ATM Audits, PPI Wallet, SWIFT review etc.)

NPCI UPI Audits

Aadhar Audits

PCI gap reviews

GDPR reviews

- Architecture review

Network Architecture Review

Infrastructure Review

Configurations audits/review of systems such as:

Windows servers

 AIX servers

 MS Exchange server

 Oracle and SQL Databases

 Firewalls (including rule base) (WAF familiarity will be an added advantage)

 SIEM (rule base including key co-relation rules)

 DLP (events and rules)

 Back up platforms (e.g. Tivoli, Symantec etc.)

 Content filter gateways

 Apache web servers

 0365

 Cloud infrastructure like AWS/Azure

IT Audits

You must have strong experience in guiding teams in conduct of IT audits for Indian and international clients (preferably). The coverage of their experience in IT audits must include areas such as :

- Physical security

- Logical security

- Data center reviews

- MSSP reviews

- IT MS reviews

- SOC reviews

- Privacy reviews

Experience in preparing audit committee decks and also presenting observations in pre-audit committees, risk committees and audit committees.

Vendor Audit/TPRM 

Strong experience in guiding teams in conduct of vendor IS compliance of vendors for clients in the banking and insurance sector leveraging standards such as SSA-AUP, ISO 27001, PCI-DSS and CSA etc.



Standard specific compliance reviews and implementation experience (PCI DSS / ISO 27001 /COBIT/ IS022301)

Role requires reasonable conceptual understanding of information security frameworks like ISO 27001, PCI DSS, IT Act, RBI regulations, IRDA regulations and COBIT. And must have experience specific to those of the following experience will be good to have and a strong bonus:

- ISMS implementation

- ISMS audits based on ISO 27001

- COBIT implementation (good to have)

- ISO 20000/ITIL implementation

- IS0 22301 framework implementation

You may be required to travel for short to long term assignments depending on client requirement.