The Information Security Risk Management and Security Policy Design Consultant works with the primary practice leads at the security management-consulting wing of Accenture. They would be responsible for designing security solutions, implementing security solutions, performing risk assessments, designing policies and controls and assessing compliance criteria on a wide variety of client projects.
They will actively participate in and lead projects to assist the practice leads, including risk assessments, enterprise risk assessments, risk program development, governance program development, maturity modeling, policies and procedures, control assessment and development, disaster recovery and business continuity, compliance and audit, and business process re-engineering.
Key Responsibilities may include:
· Security strategy – Assess, design and implement a security strategy and governance program framework that describes the process, controls, organization and infrastructure to manage information security related concerns.
· Security implementation – Design, implement and integrate security solutions to address enterprise risks and exposures.
· Security governance – Design and implement security policies, procedures and standards that describe pragmatic, risk-based mechanisms to maintain the confidentiality, integrity and availability of information systems and the data processed therein.
· Security monitoring – Design and implement security solutions to monitor the efficiency and effectiveness of security operations, controls and infrastructure.
· Achieve industry-standard certifications within established timeframes (i.e. CobiT, CRISC, CISSP, CISA, CISM, PCI QSA, ISO 27001).
· Deliver information security projects as part of an integrated team of Advisory professionals.
· Define technical and business requirements for information security solutions.
· Define information security processes and policies which secure and enable the business.
· Enforce business, privacy and security policies.
· Implement IT and information security related technology products.
· Review, assess, benchmark and develop issue remediation action plans for all aspects of information security programs and technologies.
· Develop information security strategies, architectures and implementation plans.
· Implement enterprise security solutions.
· Assist consultants in validating client security posture against standards and guidelines such as PCI DSS, HIPAA, SOX, and ISO 27001.
· Participate in and lead projects both onsite at and offsite from client facilities.
· Perform security and risk assessments.
· Conduct compliance and audit assessments (PCI DSS, PA-DSS, ISO 27001, SOC2).
· Develop and create customized policies, procedures and controls for clients.
· Develop and write disaster recovery plans and technical documentation for applications, systems and infrastructure.
· Implement security solutions focused on risk and compliance.
· Assist practice leads and sales staff with pre-sales activities.
The employer wants job applications submitted through its website.