We are looking for a skilled and detail-oriented Information Security Consultant with strong experience in ISO 27001:2022 implementation, IT audits, and GRC activities, especially within the BFSI (Banking, Financial Services, and Insurance) sector.

The ideal candidate should have hands-on experience in conducting audits, managing compliance requirements, and implementing Information Security Management Systems (ISMS) for clients.

Key Experience & Skills :

The candidate should have proven experience in end-to-end ISO 27001:2022 implementation, including gap assessments, risk assessments, risk treatment planning, and ISMS documentation.

- Hands-on experience in conducting internal and external information security audits onsite at client locations is essential.

- A strong background in BFSI sector audits is highly preferred, along with the ability to understand and implement regulatory and compliance requirements.

- The candidate must be experienced in developing, reviewing, and maintaining information security policies, procedures, and SOPs in line with industry standards.

- In-depth knowledge of cybersecurity frameworks and regulatory guidelines such as NIST Cybersecurity Framework (CSF), ISO 27001:2022, RBI CSF, IRDAI Cyber Security Guidelines, SEBI CSCRF, UIDAI Guidelines, SOC 1 & SOC 2 (Type 1 & Type 2), and Digital Personal Data Protection (DPDP) Rules is required.

Certifications :

- ISO 27001 Lead Auditor (IRCA CQI Certified) Mandatory for 23 years of experience

- ISO 27001 along with CISA (ISACA) Preferred for candidates with 5+ years of experience

Key Responsibilities :

- The selected candidate will be responsible for leading and managing end-to-end ISO 27001:2022 implementation projects, including defining scope, conducting risk assessments, and preparing ISMS documentation.

- You will perform risk identification, assessment, and treatment activities aligned with ISO standards and organizational context.

- The role involves planning and conducting internal audits, external audits, and compliance reviews across various domains, particularly in BFSI.

- You will also conduct onsite audits based on RBI, IRDAI, SEBI, and UIDAI guidelines, ensuring compliance with regulatory requirements.

- Preparing detailed audit checklists, audit reports, and corrective action plans will be a key part of the role.

- Additionally, you will be responsible for designing, reviewing, and updating security policies, procedures, and documentation, ensuring continuous improvement of the ISMS framework.

- Delivering security awareness sessions and training to clients is also expected.

Soft Skills :

- Strong communication and stakeholder management skills

- Excellent documentation and reporting abilities

- Ability to manage multiple assignments independently while meeting deadlines