As part of the HTC Global cyber security consulting team, individual’s primary role
would be to work with ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits,
IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC ,
ISMS , Cyber Security, SOX ITGC on customer engagements
? Will address all aspects of security like physical, logical, data, access etc and review
Information Security policy and suggest / recommend necessary changes to the same
on customer engagements
? Will be an active participant in internal / third party system security reviews and
audits on customer engagements
? Will perform internal audits on all aspects of IT and ensure compliance with the
prescribed security norms on customer engagements and will be responsible for
tracking the open audit findings and closure of the same
? Will be responsible for implementation of new projects under Information Security
Domain
? Will be able to manage document tracking and updating - policies, processes,
procedures, templates etc.
? Will assist in development of proposals by owning parts of the proposal document
and by giving inputs in solution design based on areas of expertise.
? Will engage with clients and(or) application development teams for implementation
of cyber security & data privacy by design and data protection controls.
? Will support the clients with ongoing design, implementation and maintenance of the
data privacy framework for managing data protection risk including responding to
legislation, devising and owning policies and training.
? Will demonstrate ability to clearly and concisely communicate the privacy
implications of technology and implementation.
Team work
? Individual would be responsible for contributing to a strong team environment and
promoting a positive working relationship with their colleagues.
? Individual would predominately work with off-shore engagement teams and relevant
HTC Territory teams on presale and cyber security delivery.
? Communication, written and verbal, with these teams would be expected.
? Team members would be required to apply learning from trainings and on the job
experience to work requests and support continuous process improvement.
? Team members would be required to handle multiple tasks at the same time.
? Detailed focus when performing work and good project management skills when
managing workload and maintaining timelines will be necessary.

Desired Candidate Profile
? Bachelors
? Certifications (ISO 27001/ ISO 31000/ CISA/ CISSP/ CSX or equivalent and other
relevant qualification/certification
? Experience : 3-5 years
Knowledge Required:
? Strong knowledge of information security concepts, risk and controls concepts. Strong
understanding of security principals: audit, policies, guidelines, and compliance.
? Good understanding of infrastructure (data centre, network end user computing)
security / cloud security / managed security services / security operations centre /
compliance risk management and ITGC controls
? Good understanding of technical security like network security, operating system,
encryption, use of tools and technologies for various processes like logical access
control, network security, security monitoring etc.
? Sound knowledge of Internal Controls and Compliance. Must be able to recommend
controls around people, process, and technology.
? Sound knowledge on IT controls (especially IT risks). Good experience with control
assessment, check the effectiveness of the implemented controls and recommend
mitigation / improvements.
? Good knowledge on Privacy, Governance and reporting
? Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint,
Visio, etc.),
? Strong verbal and written communication skills Knowledge / experience in fields of
ITGC audits, Internal Audit, External Audit / Statutory Audit projects
? Candidates should exhibit good client service skill collateral's with a strong focus on
building relationships.
Additional Responsibilities:
• Ability to assist in value-creating strategies and models that enable clients to innovate,
drive growth and increase their business profitability
• Good knowledge on software configuration management systems and license
Management systems
• Awareness of latest technologies and Industry trends
• Logical thinking and problem solving skills along with an ability to collaborate
• Understanding of the financial processes for various types of projects and the various
pricing models available
• Ability to assess the current processes, identify improvement areas and suggest the
technology solutions
• One or two industry domain knowledge
• Client Interfacing skills
• Project and Team management