Share Job :

Senior Consultant Information Security- ISO 27001 Implementer



Company: Glan Management Consultancy



Location: Gurgaon



Experience: 7-15 year



Salary: 0



Employment Type:


Job Description:

Job Title: Senior Consultant Information Security – IT

Job Purpose: Acting in a key technical management & execution capacity to provide a conduit between  IT teams and key business stakeholders thereby ensuring information technology needs are managed consistently, following professional IT and global standards, and delivered with a high quality and customer satisfaction.

Reward level: Middle Management
Job Location Gurgaon
Experience 7 years
Relevant Experience 7 years
Reporting to: General Manager
Qualification: Bachelor’s degree in IT and relevant Information Security
Certifications

Key Deliverables:
  1. Provide support as Lead implementor towards ISMS and PIMS policies, procedures, and guidelines and ensure to perform regular review and update.
  2. Gather evidence of continuous compliance with ISO 27001:2022 and ISO 27701:2019, DPDPA, IT Act and Cert In Regulation including audit logs, records of reviews, timely closure of open audit and risks and sharing the report with management.
  3. Conduct regular, documented information security and privacy risk assessments on Security Tools and Technologies by identifying assets, threats, vulnerabilities, likelihood, and impact.
  4. Prioritize identified vulnerabilities, detailed findings, remediation recommendations, trending reports on vulnerability posture towards closure with stakeholders.
  5. Implementation of a comprehensive, ongoing security project plan for remediation of open audit gaps.
  6. Prepare regular report on overall information security posture, GRC maturity, and risk landscape to relevant stakeholders
  7. Perform Root Cause Analysis and lessons learned from information security incidents, actively participate in audits and support internal IT staff to perform technical assessments and controls with evidence.

Key Relationships:
  1.  Internal IT and business customers .
  2. Global/Local IT Vendor, market and global (HQ) colleagues,
  3. Internal staff - direct reports (where applicable)
  4. IT vendors, contractors (where applicable)


Knowledge Skills and Abilities:

  1. Must have ISO 27001 Lead Implementer and ISO 27701 Lead Implementer certifications.
  2. In depth understanding of IT Act, DPDPA, Cert In regulations, CIS Controls as well as UK DPA and ISO 31000
  3. Good to have certification on CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional) and Cloud Security certifications (e.g., CCSK, CCSP, vendor-specific like AWS Security Specialty)
  4. Familiarity with common vulnerability scanning tools like Qualys (features, reporting, agent-based vs. network scans) and Cloud Security Posture Management (CSPM) tools like Wiz (cloud service provider configurations, misconfigurations, compliance checks in AWS, Azure, GCP).
  5. Conduct and lead IT DR drills and Tabletop exercises with internal IT teams.
  6. Hands on knowledge on common security technologies (e.g., firewalls, EDR, Cloud Security, VAPT tools, SIEM, WAF, DLP, PAM, BAS, encryption etc.,).
  7. Ability to handle and manage Endpoint, Perimeter, Cloud and Data Security technical consoles with configuration and fine tuning of policies.
  8. Understanding of various penetration testing types (e.g., network, web application, API, mobile, cloud) and methodologies
  9. Knowledge of common attack vectors and exploitation techniques like MITREATTACK and DEFEND, NIST Cyber Security Framework.
  10. Excellent technical writing skills for creating clear, concise, and comprehensive security policies, standards, and procedures.
  11. Ability to analyse complex risk data and present actionable insights.
  12. Proficiency with GRC platforms or tools for managing policies, risks, and controls
  13. Exceptional verbal and written communication skills to articulate complex security concepts to technical and non-technical stakeholders
  14. Strong technical skills to diagnose security issues, identify root causes, and develop effective solutions.
  15. Ability to develop and deliver engaging security training sessions and awareness campaigns to internal IT staff.
  16. Ability to stay updated with the latest security threats, vulnerabilities, technologies, and regulatory changes.
mail updated resume with salary details-
email: etalenthire@gmail.com
satish- 8802749743

website: www.glansolutions.com

Key Skill:
Consultant Information Security, GRC, information security consultant, IT security, ISO 27001 compliance, ISO 27001 Implementer, ISO 27001, internal auditor, CISM

Posted on: 26th Aug, 2025


Apply Submit Resume Share with Friends (Mail)


See all Jobs

Useful Links
Services
Keep in Touch

Phone: +91-8851018162, 8802749743

E-mail: satish@glansolutions.com
info@glansolutions.com