Security Consultant

Must Have Technical/Functional Skills

New JD requirement:

Security Consultant

The hiring manager has shared the following details:

· The manager is looking for candidates with relevant experience in GRC audit and risk

assessment.

· Ideal experience: 2–4 years in that domain.

· Extensive experience in incident management is not required.

Role expectations: 60% – Incident Life Cycle Management, 20% – Risk Assessment and

Management across all suppliers and 20% – Audit Assessment,

Additionally, a manufacturing industry background would be preferred.

Cyber Security assessment Analyst conducts and supports the cyber security controls risk

assessment and management process across all our suppliers. Responsibilities include assessing our suppliers' current adequacy of the security controls & strategy, business continuity /disaster recovery plans, threats to the systems, and then calculating the impact of potential adverse events. Audits and assessments must be continual, as the threat profiles change constantly. The Analyst will keep executive management up to date on the results of the risk assessment and make recommendations for mitigations, or projects, to protect supplier and customer systems

Roles & Responsibilities

• Demonstrate strong knowledge in IT controls, risk assessments, and assessment of security

measures

• Identify opportunities to continuously innovate and improve the program and value delivered to

organization

• Ensure successful completion of the annual supplier cyber security assessments

• Independently and proactively plans and performs assigned audit engagements related to security,

confidentiality, integrity, information protection and availability of data

• Conduct cyber security assessments & evaluate in alignment to the supplier security control

framework

• Ensure effectiveness of approved controls and drive risk remediations or changes from previous audit

for existing certified suppliers

• Inform and advise business leaders on supplier's information security risks

• Provide subject matter expertise in third-party risk management.

• Proactively research and work in enhancing improvements to our existing process related to

documentation and security assessments.

• Automate security assessment processes & tools to review the security controls for cloud-based

applications

• Ability to multi-task and manage multiple global projects at the same time.

• Ability to work collaboratively across diverse team in a matrix type organization

• Bachelor's degree in Science & Engineering or technical discipline is required.

• 7 years of information security & assessment experience with increased responsibilities

• In-depth knowledge of security assessment/audit principles

• Understanding of networking principles and data protection

• Ability to identify problems, analyze data and present conclusions

• Strong verbal, written and presentations skills

• Knowledge of information security frameworks such as ISO 27001 /NIST CSF is preferred

• Experience in supply chain cyber assessment and related tools usage is preferred

• CISA, CISM, certifications are preferred

• Excellent communication skills.

• Able to work as part of a virtual global team with cultural, language, and time zone differences.

• Able to deal with ambiguity and work independently with minimal supervision/guidance.

Education and Requirements Qualifications:

Bachelor's degree in Science & Engineering or technical discipline is required.

8 years of specializing in end-to-end incident lifecycle management including detection, triage, recovery, root cause analysis

Proven expertise in coordinating cross-functional response teams, optimizing playbooks and maturing incident management processes aligned to NIST, ISO and MITRE ATT&CK

Knowledge of NIST 800-61, MITRE ATTA&CK, ISO 27001, CIS Controls

7 years of information security & assessment experience with increased responsibilities

In-depth knowledge of security assessment/audit principles

TCS Employee Benefits Summary:

• Discretionary Annual Incentive.
• Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans.
• Family Support: Ma ternal & Parental Leaves.
• Insurance Options: Auto & Home Insurance, Identity Theft Protection.
• Convenience & Professional Growth: Commute r Benefits & Certification & Training Reimbursement.
• Time Off: Vacation, Time Off, Sick Leave & Holidays.
• Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing.