Job title: Cyber Security Assessments & Security Domain-Specific Audits Consultant (E3.2)
Location: Noida, India
Company: HCL Technologies
Job type: Full-time
Experience level: Mid-Senior (E3.2)
About HCL Technologies:
HCL Technologies is a global IT services company, providing a comprehensive range of technology solutions across diverse industries. We are committed to driving digital transformation and building secure, innovative, and future-ready enterprises. At HCLTech, we leverage next-gen technologies like AI, IoT, and cybersecurity to deliver value and make a real-world impact.
Role overview:
As a Cyber Security Assessments & Security Domain-Specific Audits Consultant, you will be responsible for conducting detailed cybersecurity assessments, audits, and evaluations to assess the security posture of client organizations. You will specialize in security domain-specific audits and work closely with clients to identify vulnerabilities, recommend improvements, and ensure compliance with industry standards and best practices.
You will collaborate with cross-functional teams to provide actionable insights, and deliver solutions that mitigate security risks and enhance the overall security landscape of the organization.
Key responsibilities:
- Cybersecurity assessments:
  - Conduct comprehensive security assessments of enterprise IT systems, networks, and applications.
  - Identify, evaluate, and prioritize security vulnerabilities, risks, and gaps.
  - Develop and execute penetration testing and vulnerability scanning procedures.
  - Review security policies, protocols, and incident response procedures.
  - Analyze security architecture and make recommendations for improvements.
- Security domain-specific audits:
  - Lead security domain-specific audits (e.g., network security, cloud security, application security).
  - Perform risk-based assessments in specific security domains to ensure compliance with internal policies and external regulatory requirements.
  - Identify security gaps, misconfigurations, and potential threats within various security domains.
  - Work with clients to ensure that they meet industry standards such as ISO 27001, NIST, GDPR, PCI-DSS, etc.
- Security controls & compliance:
  - Assess the design, implementation, and effectiveness of security controls.
  - Ensure compliance with internal and external security requirements.
  - Work with clients to prepare for external audits, and facilitate internal compliance reviews.
  - Generate audit reports, track action items, and provide recommendations for improvements.
- Security best practices:
  - Share best practices, methodologies, and frameworks for implementing robust security measures.
  - Mentor and guide junior team members on security audit methodologies and techniques.
  - Assist in the development and review of security policies, guidelines, and standards.
- Stakeholder communication:
  - Present findings to technical and non-technical stakeholders, including senior management.
  - Provide clear and actionable reports on the security posture of client systems.
  - Collaborate with client teams to implement remediation plans for identified vulnerabilities.
- Continuous learning & research:
  - Stay updated on the latest trends in cybersecurity and threat intelligence.
  - Research new vulnerabilities, emerging threats, and industry-specific security concerns.
  - Apply new knowledge to improve security assessments and audits.