Principal Consultant- Cyber Security Consulting & Advisory

at  Infosys

JOB DESCRIPTION

TYour role
In the role of a Principal Consultant, you will anchor the Cybersecurity consulting & advisory assignments (or a portfolio of such assignments), all the way from business process consulting and problem definition, solution definition, roadmap to cost estimates for remediation. You will be pivotal to problem definition and discovery of the overall solution and execute projects singlehandedly or part of a team to deliver the agreed deliverables. As an established thought leader in your domain, you will be the key advisor to cyber security strategy, architectures, controls, processes, policies, compliances, and maturity reviews. You will anchor business pursuit initiatives, client training, in-house capability building etc. You will have the opportunity to shape value-adding consulting solutions that enable our clients to meet the changing needs of the global landscape, leveraging Infosys service offerings and capabilities, working collaboratively with various teams within Infosys and customer organizations.
You will be a senior member of the Infosys Cyber security Consulting & Advisory team, and your primary role would be to develop, design and execute a consulting opportunity fully or partly as needed in response to a customer requirement, differentiating in the market place through a strong business value proposition, working as a trusted advisor to the customer (especially Sr executives and key decision makers) – across one or more of the below functions
o CISO Advisory Services
o Security Strategy/Governance/Risk Advisory and Roadmap
o Cybersecurity Maturity/Posture Assessments
o M&A / Divestiture Cyber Advisory
o Security Architecture Consulting
o Cyber Resilience Consulting
o Security Program Management & Advisory

Essential

• Extensive industry experience working in enterprise cyber security domain
• Proven knowledge and hands on experience in designing (and delivering) cybersecurity solutions around the functions listed above across more than 3-4 subdomains of security tools and techniques in the area of Infrastructure Security (e.g. Anti-DDoS, Firewall, NIPS, WAF, NDR, NSPM, EDR, EPP, Deception, SASE, ZTNA etc.) , Data Security (e.g. DLP, DAM, PKI, Key Mgmt., Certificate Mgmt., DSPM, Data Masking, Encryption etc. ), Application Security ( e.g. SAST, DAST, SCA, IAST etc.) , Cloud Security( e.g. CNAPP, CASB, SSPM, Native Security from AWS, AZURE, GCP etc.) , Zero Trust Architecture, OT Security, Security Incident Management(e.g. SIEM, SOAR, SOC etc.) , Identity & Access Management ( e.g. IDP, RBAC, SSO, MFA, Conditional access, PAM,PIM etc.) Governance Risk & Compliance (E.g., Risk Management, TPRM, Control Testing, IT Audits & Assessments, Compliance Management etc.),
• Extensive exposure / experience in one or more security tools/platforms and related automation methodologies and solutions
• Deep understanding of various sectoral/national/global standards/regulations/frameworks like ISO27001, ISO27701, NIST CSF, CIS, SOX, PCI DSS, HIPAA, CCPA, NIS2, DORA, GDPR, SOCI, MAS-TRM etc & experience of compliance readiness preparation engagement for global customers
• Good level of exposure / experience in ISO 31000, ISO 22301, ISO 22316, SOC2, NIST SP 800-53, CMMC, FedRAMP, NERC-CIP, ITAR etc
• Good understanding of the cyber industry trends and technologies e.g., Zero Trust Architecture, Responsible AI, Security Automation, Cyber Vendor Consolidation, DevSecOps, Cyber Mesh Architecture etc.
• Creation of consulting and advisory frameworks, blueprints & knowledge base documents
• Excellent cross cultural skills working seamlessly with a globally distributed workforce and customers
• Self starter able to independently drive and execute the work meeting quality and timeline commitments, multi tasking across multiple medium/large complexity proposals as needed

Desirable

• A broad outlook through exposure to an ecosystem of diverse cultures, stakeholders as well as emerging tools, technologies, regulations, standards etc,
• Experience with similar roles in consulting teams or organizations.
• Relevant industry certifications like CISSP, SSCP, CCSP, CCSK, CISA, CISM, CRISC, CGEIT, CSX-P, CDPSE, CIPP, CIPM, CIPT, CEH

ABOUT US

Infosys is a global leader in next-generation digital services and consulting. We enable clients in more than 50 countries to navigate their digital transformation. With over four decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise, and ideas from our innovation ecosystem.

Please refer the Job description for details