Introduction

A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You'll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you'll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You'll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.

Your role and responsibilities

We are seeking a highly motivated and experienced Cyber Security Consultant specializing in Governance, Risk, and Compliance (GRC), Information Security, and Cyber Risk Management. The candidate will be responsible for delivering cybersecurity consulting engagements, conducting security assessments, implementing governance frameworks, supporting regulatory compliance initiatives, and advising clients across Banking, Financial Services, Insurance (BFSI), NBFC, FinTech, and other regulated sectors.

The ideal candidate should possess strong expertise in cybersecurity governance, risk management, regulatory compliance, security frameworks, and stakeholder management.

Key Responsibilities:

Perform Cyber Security Governance, Risk, and Compliance assessments.

Develop and maintain Information Security Policies, Standards, Procedures, and Guidelines.

Establish and manage enterprise cyber risk registers.

Conduct cyber risk assessments and risk treatment planning.

Define and monitor cybersecurity KPIs, KRIs, and management dashboards.

Support implementation of Governance frameworks aligned to industry best practices.

Assess compliance against RBI Cyber Security Framework, RBI Master Directions, Digital Lending Guidelines, Outsourcing Guidelines, and applicable regulatory requirements.

Support compliance initiatives related to:

RBI Regulations

DPDPA 2023

CERT-In Directions

ISO 27001

NIST CSF 2.0

PCI DSS

SEBI / IRDAI regulations

Conduct compliance gap assessments and remediation tracking.

Maintain documentation for regulatory audits, Continuous compliance monitoring & control testing

Perform Information Security Maturity Assessments.

Support ISMS implementation and certification initiatives.

Conduct policy reviews and security governance assessments.

Review security control effectiveness and compliance status.

Develop management and Board-level cybersecurity reports.

Conduct cybersecurity assessments and control reviews.

Support internal audits, external audits, and regulatory inspections.

Review vulnerability assessment and penetration testing findings.

Track audit observations and remediation activities.

Perform security posture and maturity assessments.

Frameworks & Standards

Strong working knowledge of:

NIST Cybersecurity Framework (CSF 2.0), ISO/IEC 27001:2022, COBIT, CIS Controls, PCI DSS, RBI Cyber Security Framework, DPDPA 2023, CERT-In Directions

Soft Skills

Excellent communication and presentation skills

Strong report-writing and documentation skills

Stakeholder management capabilities

Analytical and problem-solving skills
Ability to independently manage consulting engagements

Required education
Bachelor's Degree

Preferred education
Master's Degree

Required technical and professional expertise

• 6+ years of experience in Cyber Security, Information Security, GRC, Risk Management, Compliance, or Security Consulting.
• Experience working with BFSI, NBFC, Banking, Insurance, or FinTech clients.
• Experience conducting cybersecurity assessments and regulatory compliance reviews.

Preferred technical and professional experience

Relevant certification require CISM, CISA, CISSP, ISO27001 LA/LI,

Years of Experience:
6-10