Cyber Risk consultant

Job Title:

• Perform risk assessments across business, IT, cyber and third-party domains, ensuring alignment with BFSI sector regulations.
• Develop, review and update IT and Information security policies, procedures, frameworks, and SOPs in accordance with regulatory requirements (RBI Master directions, IRDAI guidelines, SEBI cybersecurity frameworks, etc.)
• Lead or support internal audits ensuring compliance with applicable internal controls and regulatory standards.
• Coordinate and facilitate external audits, including audit readiness, documentation, and remediation tracking.
• Design and implement resilience strategies, including Operational resilience, Business continuity planning (BCP) and Disaster recovery (DR)
• Enhance Technology resilience to support uptime, availability, and recovery of critical IT systems.
• Support initiatives to improve Cyber resilience, covering response, detection, and recovery from cyber incidents.
• Conduct assessments and ensure risk mitigation measures are in place for third- party vendors and outsourced partners.
• Maintain up-to-date knowledge of Indian BFSI regulations, circulars and compliance expectations related to IT and cybersecurity.
• Collaborate with cross-functional teams including IT, compliance, legal and business units to ensure end-to-end risk coverage.

Good to Have:

• 3-6 years of experience in GRC, IT Risk, Internal Audit, or Resilience Management roles, preferably in BFSI sector.
• Strong understanding of Indian regulatory guidelines including those issued by RBI, IRDAI, SEBI and MeitY.
• Hands-on experience in drafting policies, procedures, risk registers, control matrices and audit reports.
• Good knowledge of frameworks like ISO 27001, ISO 22301, ISO 31000, NIST CSF etc.
• Familiarity with BCP/DR planning, risk treatment and crisis management.
• Experience working with GRC tools is desirable.
• Relevant certifications such as CISA, CRISC, ISO 27001 LA, CISSP or similar.

Preferred (Not Mandatory):

• Awareness of cloud platforms (AWS, Azure, GCP) and their security & compliance capabilities.
• Understanding of cloud risk management practices, including cloud governance, shared responsibility models, and regulatory compliance in cloud environments.

Key Competencies:

• Strong analytical and documentation skills.
• Excellent communication and stakeholder engagement skills.
• Ability to work independently and manage multiple priorities.
• Problem-solving mindset with attention to regulatory and operational detail.

Selection Process:

• Education 60% above throughout academics
• One 3 years (at least) regular course is must either Diploma or Graduation
• Course: B.E. / B. Tech / MCA / BCA/ M. Tech / MBA degree or equivalent