Information Security Specialist
Location
Mumbai | India
Job description
About Company
BDO India LLP (or BDO India) is the India member firm of BDO International. BDO India offers strategic, operational, accounting and tax & regulatory advisory & assistance for both domestic and international organisations across a range of industries. BDO India is led by more than 140 Partners & Directors with a team of over 3000 professionals operating across 10 cities. We expect to grow sizably in the coming 3-5 years, adding various dimensions to our business and multiplying the current team size multi-fold.
About Cyber
BDO India's cyber security practice is one of the fastest growing areas of the business with significant ambition for the future through additional recruitment and acquisition. As part of our cyber team / tech risk, you will be managing teams and projects delivering advisory and technical support to help our clients improve their information / cyber security posture and respond to the dynamic nature of technology risks / cyber security threats. You will provide security domain expertise and utilise your business insight to work closely with our clients to advise, design, build and deploy pragmatic security solutions that will provide real and tangible benefits to protect their organisations. Furthermore, you will often carry out IT Risk Assessments in line with industry 'better' practices (NIST / ISF / Cloud Security / etc.), regulatory mandates (RBI / IRDAI), and various compliance standards focusing on data security, data privacy, etc.
Roles & Responsibilities:
- Candidate should have a key understanding of technology, IT and governance aspects from a cyber security perspective
- Candidate should have an understanding of performing gap assessments on an organization's cyber security landscape, primarily to protect it from cyber security threats
- Candidate should have exposure to the design, development, implementation, and maintenance of an information security framework aligned to frameworks like ISO 27001:2013
- Candidate should have managed end-to-end information security and cyber security for their organizations
- Experience in performing risk assessments from a Cyber Security, Business Continuity and Privacy perspective
- Experience in Data Privacy, including design/development and review of privacy frameworks aligned with GDPR requirements and the GAPP framework
- Performing maturity assessments for cyber setups; developing a cyber strategy roadmap and helping in its implementation
- Consulting knowledge in the overall cybersecurity domain with specific experience in engagements such as NIST, BCP, ISO 27001, SSAE 18, ISAE 3402, SOC 2 and regulatory compliances (RBI, SEBI, IRDA), and data privacy audits
- Manage / lead engagements for data privacy, regulatory compliance, cyber strategy, ISO 27001, BCP (ISO 22301) & third-party risk management (TPRM)
- Determine client needs and expectations, and participate in developing, leading, and executing the overall client service plan
- Work on proposals, thought leadership, and POVs as required
- Demonstrate leadership, team management, problem solving and strong verbal and written communication skills
- Consulting experience (preferred)
- Certifications - ISO 27001, ISO 22301, ISO 27701, CISSP, CISA (advantage)