GRC Consultant - PCI QSA Full-time

at Secure Logic India Pvt Ltd in Bangalore (Published on 18-02-2019)

Summary of Role

- Work along with the Audit Team comprised of Lead Consultant & other GRC consultants.
- Provide strategic information security advisory and consulting services for all clients.
- The role encompasses delivery and management of Professional Services engagements, technical consultation and implementation, and internal strategic initiatives. Managing team members as deemed necessary, according to team roles and responsibilities.
- Scope security engagements and support development of proposals and statements of work, effectively translating customer requirements into an engagement to meet those needs.

- The GRC Consultant role leads and delivers the following compliance type engagements as a minimum:

  • Scoping, design, implementation, and operation of PCI DSS, and related Information Security framework/ standards.
  • Conduct PCI DSS Gap Analysis or assistance in completion of SAQ process
  • Conduct Internal Audit (against internal information security policies and procedures, or industry standards) engagement.

- Associate GRC Consultant role comprises 2 key measurable elements. These are:

  • Delivery of Professional Services engagements (85%)
  • Help sales to sell more, contribute to development of new templates & technical materials as & when required.

- Assist sales and participate in generation and development of both inbound and outbound new business opportunities.
- The GRC Consultant role is heavily focused on all facets of Information Security, across all industries. These include:

  • Data Centre IT
  • IT Governance, Risk and Compliance
  • Network and Security Architecture
  • Secure Logic’s Managed Security Services
  • Internal business initiatives

- Manage external relationships from clients, vendors, and business partners at all levels as required.
- Maintain internal relationships with Senior Management, and other business areas as required.
- Manage and lead Professional Services and Delivery engagements as required. This may also include managing engagement teams, deliverables and engagement budget.
- Perform Professional Services and Delivery engagements as deemed necessary and as directed by Management.
- Report to Manager on a timely basis. Adhere to the Code of Conduct, and stick to KPIs & metrics to be able to do well.

Specific Responsibility

- Manage, and deliver Professional Services and Delivery related projects as required. These include:

  • Scoping, design, implementation, and operation of PCI DSS, and related Information Security framework/ standards.
  • Consult to clients at all levels with regard to Information Security standards, frameworks, guidelines, and better practice.
  • Undertake risk assessments using industry frameworks such as ISO 31000, ISO 27005.
  • Compliance engagements such as Gap Analysis, Internal Audit, External Audit
  • Manage and deliver vulnerability and penetration testing engagements
  • Conduct security policy and framework reviews
  • Implementation of PCI DSS, ISMS, or client specific information security frameworks
  • Security architecture reviews

- Ensure quality of all deliverables including but not limited to:

  • Client Engagement metrics
  • Client Project Delivery
  • Internal Project Delivery

- Follow current Professional Services and Delivery processes, and provide input into process improvement as required.
- Create and be accountable for all client proposals, contracts, tenders and panel bids and any further documentation following Secure Logic’s procedure.
- At a minimum maintain a billable utilization target of 85%.
- Present Secure Logic to potential clients and group through various communication streams.
- Ability to travel is a must. Attending trade shows and events will be required.
- Lead generation for new business channel development.
- Keep abreast of current Information Security standards such as:

  • ISO 27001:2013
  • ISO 31000
  • PCI DSS
  • ISO 20000, ITIL
  • NSW Government Information Security policies, standards, and guidelines
  • Federal Government Information Security policies, standards, and guidelines
  • CSA Framework
  • ISACA guidelines
  • Any other local Information Security frameworks and requirements for Government, regulatory, and legislative requirements.

- Supervise and co-ordinate the delivery of consulting or managed service projects.
- Provide assistance in the Professional Services teams group KPI reporting processes.
- Track and report on all current and completed projects as required.
- Provide internal status reports to Management as required.

Prerequisites for the Role:

  • PCI DSS QSA (active)
  • Minimum 5 Years of Security Experience
  • CISSP or CISM or GIAC
  • CISA or ISO LA

Other certs like CEH, ECSA, ITIL, COBIT will be a plus.


