Technology Consulting-DT Cyber-Govt. Senior
Gurgaon, Haryana, India
OVERVIEW
KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara.
KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.
KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term.
Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either system audits, IT reviews, technology risk assessments, or gap assessments in line with circulars issued by SEBI/RBI/IRDAI.
Role: Consultant
- Work as a trusted Cyber Security Advisor to the Client / CISOs / CxOs.
- The candidate needs to play a critical role in assisting the Clients in defining and implementing the organization's cyber security strategy.
- The candidate shall provide expert advice and guidance on cyber security issues, emerging threats, and industry leading practices to ensure the protection of the organization's information assets and infrastructure. Further, the candidate shall help ensure the effectiveness and resilience of the client’s cyber security program to protect critical data and applications.
Key Responsibilities:
Strategy Development:
- Collaborate with the CISO to develop and refine the organization's cyber security strategy, policies, and procedures.
- Assess current security measures and identify areas for improvement.
- Stay abreast of industry trends, emerging threats, and regulatory requirements to inform strategic decision-making.
- Keep the organization's security policy and procedures aligned with government IT security best practices.
- Play a key role in formulating the IT security framework and policies.
Risk Management:
- Plan and review risk assessments and identify vulnerabilities in the CBIC’s systems and networks.
- Develop risk mitigation strategies and recommend security controls to minimize cyber threats.
- Assist in the development of incident response plans and procedures.
Security Architecture:
- Provide input into the design and implementation of secure architectures for networks, systems, and applications.
- Evaluate new technologies and solutions for their potential impact on the organization's security posture.
- Ensure that security requirements are integrated into all phases of the system development lifecycle.
Security Awareness and Training:
- Develop and deliver cyber security awareness programs for employees to promote a culture of security awareness.
- Provide training and guidance to IT staff on security best practices and procedures.
- Conduct regular security briefings and workshops for key stakeholders.
Incident Response Support:
- Good understanding of SOC operations and various security tools.
- Assist the client in the root cause analysis and resolution of security incidents.
- Coordinate with internal teams and external partners to contain and mitigate security breaches.
Compliance and Governance:
- Ensure compliance with relevant regulatory requirements, industry standards, and internal policies.
- Assist in the preparation for and response to audits and regulatory inquiries.
- Maintain documentation and evidence of compliance activities.
Sales and Business Development:
- Assist in the preparation for and response to government/PSU bids and tenders.
- Support leadership / Partners in go-to-market activities.
- Contribute Cyber and/or Privacy Points of View (PoV) to the Firm’s Thought Leadership publications.
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field with minimum 8 to 15 years’ experience.
- Industry certifications with one or more of the following: CISSP, CISM, CISA or CRISC, cloud security and Privacy are highly desirable.
- Proven experience in a senior cyber security role, preferably in a large government /PSU /BFSI / Enterprise environment.
- Strong knowledge of cyber security principles, practices, and technologies.
- Excellent analytical and problem-solving skills.
- Effective communication and interpersonal skills, with the ability to influence and collaborate with stakeholders at all levels.
- Experience working with government organizations such as CERT-In, NIC, MeitY (preferable).
- Familiarity with security frameworks such as NIST, ISO 27001, or CIS Controls.