Consultant

Job Description

Job Title: Cyber Security Assessments & Security Domain-Specific Audits Consultant (E3.2) Location: Noida, India Company: HCL Technologies Job Type: Full-time Experience Level: Mid-Senior (E3.2) About HCL Technologies: HCL Technologies is a global IT services company, providing a comprehensive range of technology solutions across diverse industries. We are committed to driving digital transformation and building secure, innovative, and future-ready enterprises. At HCLTech, we leverage next-gen technologies like AI, IoT, and cybersecurity to deliver value and make a real-world impact. Role Overview: As a Cyber Security Assessments & Security Domain-Specific Audits Consultant , you will be responsible for conducting detailed cybersecurity assessments, audits, and evaluations to assess the security posture of client organizations. You will specialize in security domain-specific audits and work closely with clients to identify vulnerabilities, recommend improvements, and ensure compliance with industry standards and best practices. You will collaborate with cross-functional teams to provide actionable insights, and deliver solutions that mitigate security risks and enhance the overall security landscape of the organization. Key Responsibilities: Cybersecurity Assessments: Conduct comprehensive security assessments of enterprise IT systems, networks, and applications. Identify, evaluate, and prioritize security vulnerabilities, risks, and gaps. Develop and execute penetration testing and vulnerability scanning procedures. Review security policies, protocols, and incident response procedures. Analyze security architecture and make recommendations for improvements. Security Domain-Specific Audits: Lead security domain-specific audits (e.g., network security, cloud security, application security). Perform risk-based assessments in specific security domains to ensure compliance with internal policies and external regulatory requirements. Identify security gaps, misconfigurations, and potential threats within various security domains. Work with clients to ensure that they meet industry standards such as ISO 27001, NIST, GDPR, PCI-DSS, etc. Security Controls & Compliance: Assess the design, implementation, and effectiveness of security controls. Ensure compliance with internal and external security requirements. Work with clients to prepare for external audits, and facilitate internal compliance reviews. Generate audit reports, track action items, and provide recommendations for improvements. Security Best Practices: Share best practices, methodologies, and frameworks for implementing robust security measures. Mentor and guide junior team members on security audit methodologies and techniques. Assist in the development and review of security policies, guidelines, and standards. Stakeholder Communication: Present findings to technical and non-technical stakeholders, including senior management. Provide clear and actionable reports on the security posture of client systems. Collaborate with client teams to implement remediation plans for identified vulnerabilities. Continuous Learning & Research: Stay updated on the latest trends in cybersecurity and threat intelligence. Research new vulnerabilities, emerging threats, and industry-specific security concerns. Apply new knowledge to improve security assessments and audits. Show more Show less