Job
Description
Job Title: Associate Consultant/ Consultant /Assistant Manager - Cyber Security Auditor Location: Bangalore Skills Required: Seeking a highly skilled Cyber Security Auditor with expertise in auditing cyber security Process, risks and controls. A strong understanding of industry frameworks such as NIST (e.g., NIST CSF, NIST 800-53) and hands-on experience in assessing cybersecurity risks, governance controls, and technical security measures. This role involves validating control effectiveness, performing closure verification/issue validation to strengthen cyber security posture. Responsibilities: Conduct assessments of cyber security risk and controls across network security, application security, vulnerability management, and governance controls. Perform closure verification and issue validation for security findings, ensuring remediation aligns with risk reduction objectives. Evaluate vulnerability management programs, patch management processes, and threat intelligence integration. Review and test governance controls related to cyber security policies. Strong understanding of NIST frameworks (CSF, 800-53), ISO 27001, CIS Controls, and regulatory requirements. Technical expertise in network security, firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM tools, and endpoint security. Hands-on experience in application security, vulnerability management, patch management, and security monitoring. Strong knowledge of network protocols (TCP/IP, HTTP, SSL/TLS, DNS, VPN, etc.) and secure configurations. Familiarity with cloud security controls (AWS, Azure, GCP) and DevSecOps principles. Professional certifications such as CISA, CISSP, CISM, CRISC, CEH, or GIAC certifications (GCIH, GCFA, GPEN) are highly desirable. Stay up to date with emerging cyber threats, attack techniques, and regulatory requirements impacting security controls. Qualification: A Bachelor's degree in engineering and approximately 3 -6 years of related work experience; or a masters or MBA degree in business, computer science, information systems, engineering Technical Knowledge of IT Audit Tools A strong understanding of industry frameworks such as NIST (e.g., NIST CSF, NIST 800-53) Hands-on experience in assessing cybersecurity risks, governance controls, and technical security measures
