Cyber GRC Consultant

Summary

Join Infosys Consulting's Tech Transformation Practice in Poland as a Cyber GRC Consultant, working remotely. Collaborate with a global team on cybersecurity projects, contributing to the development of consulting offerings and innovative solutions for C-suite executives. You will conduct risk assessments, ensure regulatory compliance, and support sales pursuits. The role requires a relevant degree, 1-5+ years of cybersecurity experience, and expertise in various security frameworks and regulations. Infosys offers industry-leading compensation and benefits, along with top training and development opportunities.

Requirements

• A relevant undergrad or post grad degree (Infosec, Cyber Security, IT Security)
• 1-5 years+ in the field of cyber security/infosec

Responsibilities

• Work on global projects with a truly global team, with the support of over 330,000 technical staff from our parent organization
• Contribute to the development of consulting go to market offerings and innovative solutions targeted at the C-Suite executive community that help them to understand and mitigate their cyber risks
• Support and maybe lead NIST CSF risk assessments
• Help design innovative new services to lead the market incorporating AI and ML where it brings value
• Support presales, sales, and account management pursuits from a subject matter expert perspective

Preferred Qualifications

• A good understanding of NIST CSF
• A post graduate degree in cyber /information security
• An understanding of ISO27001, NIS2, SOX, GDPR, DORA
• Cyber Due Diligence Assessments
• Third- Party & Supply chain Cyber Risk Management
• Incident Response Plan review
• Supporting bids, RFP responses and proposals
• Crisis Management Exercises (CMX)
• Accreditation such as CISSP, CISM, CISA, GSLC, GSTRT, GCPM
• Helped design Target Operating Models (TOMs) and RACI Matrices
• Helping the design of Cyber Security Roadmaps
• Supporting Post Incident Reviews
• Reading and summarising Cyber Threat Intelligence reports
• Cyber security compliance programs (GDPR, DORA, ISO27001, NIS2, SOX)
• Cyber Security Risk Assessments or Maturity Assessments
• Design and deliver awareness training
• Worked on Identity and Access Management projects
• Worked on Privileged access management projects
• Have a broad business skill set including stakeholder management, problem-solving, and resilience
• Have experience in gathering, validating, synthesizing, documenting, and communicating data and information for a range of audiences
• Have excellent interpersonal skills and strong written and verbal communication skills in country’s official language(s) (C2 proficiency) and English (C2 proficiency), project-related mobility/willingness to travel
• Enjoy working with different clients from different industries
• Have some experience in balancing technical and commercial considerations to develop practical advice or solutions for clients
• Be able to build strong and effective business relationships at all levels
• Be able to support and oversee staff with less experience in their tasks
• Be able to explain complex cyber methodologies using accessible non-technical language (both written and verbal)

Benefits

• Industry-leading compensation and benefits
• Top training and development opportunities