Cyber Security Consultant (Audit and Compliance)

Job Description

We are actively looking for a Cyber Security Consultant (Audit and Compliance) who will be responsible for driving security and controls for various on-premises and cloud-based technologies.

Responsibilities

• Responsible for driving security and controls on various on-premises and cloud-based technologies.
• Developing, reviewing, implementing, and maintaining information security policies designed to protect information and any supporting information systems from any unauthorized access, use, disclosure, corruption, or destruction.
• Ensuring compliance with relevant laws, regulations, and standards, such as HIPAA, PCI-DSS, and GDPR.
• Crafting Service Organization Control (SOC), PCI and ISO 27001 reporting.
• Identifying and assessing business process controls and linkage to IT systems.
• Coordinate with external auditors and assessors to ensure compliance with regulatory requirements.
• Conducting IT audits, SOC audits, IT Process Audit, Systems Audit, Gap assessment.
• Act as a single point of contact for any GRC-related activities across the group. 

Skills, Experience & Qualification

Skills

• Familiarity with ISO 27001, ISMS, NIST Framework
• Ability to work under minimum supervision.
• In-depth knowledge & experience in auditing interfaces, infrastructure, cloud security, cyber security, data processing and computer general controls in Oracle / ERP environment.

Experience

• 5+ years in IT Audit (Mandatory experience in ISO 27001 and PCI DSS audits).

Qualification:

• Graduate from any stream – preferred from technical side (Bachelor of Engineering)
• ISO27001 Lead Auditor, CISA, CISM, CISSP or similar certification