Company: KPMG India
Location: Bengaluru, Karnataka, India
LinkedIn post

Job Title: Associate Consultant / Consultant / Assistant Manager - Cyber Security Auditor

Location: Bangalore


Skills Required:


Seeking a highly skilled Cyber Security Auditor with expertise in auditing cyber security processes, risks and controls. The position requires a strong understanding of industry frameworks such as NIST (e.g., NIST CSF, NIST 800-53) and hands-on experience in assessing cybersecurity risks, governance controls, and technical security measures. This role involves validating control effectiveness and performing closure verification/issue validation to strengthen cyber security posture.


Responsibilities:


• Conduct assessments of cyber security risk and controls across network security, application security, vulnerability management, and governance controls.

• Perform closure verification and issue validation for security findings, ensuring remediation aligns with risk reduction objectives.

• Evaluate vulnerability management programs, patch management processes, and threat intelligence integration.

• Review and test governance controls related to cyber security policies.

• Strong understanding of NIST frameworks (CSF, 800-53), ISO 27001, CIS Controls, and regulatory requirements.

• Technical expertise in network security, firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM tools, and endpoint security.

• Hands-on experience in application security, vulnerability management, patch management, and security monitoring.

• Strong knowledge of network protocols (TCP/IP, HTTP, SSL/TLS, DNS, VPN, etc.) and secure configurations.

• Familiarity with cloud security controls (AWS, Azure, GCP) and DevSecOps principles.

• Professional certifications such as CISA, CISSP, CISM, CRISC, CEH, or GIAC certifications (GCIH, GCFA, GPEN) are highly desirable.

• Stay up to date with emerging cyber threats, attack techniques, and regulatory requirements impacting security controls.


Qualification:


  • A Bachelor's degree in engineering and approximately 3-6 years of related work experience; or a master’s or MBA degree in business, computer science, information systems, or engineering
  • Technical Knowledge of IT Audit Tools
  • A strong understanding of industry frameworks such as NIST (e.g., NIST CSF, NIST 800-53)
  • Hands-on experience in assessing cybersecurity risks, governance controls, and technical security measures