Principal Consultant- Cyber Security Consulting & Advisory

Role - Principal Consultant
Technology - Cyber Security Consulting & Advisory
Location - UK (London)

Job Description
T Your role
In the role of a Principal Consultant, you will anchor the Cybersecurity consulting & advisory assignments (or a portfolio of such assignments), all the way from business process consulting and problem definition, solution definition, roadmap to cost estimates for remediation. You will be pivotal to problem definition and discovery of the overall solution and execute projects singlehandedly or part of a team to deliver the agreed deliverables. As an established thought leader in your domain, you will be the key advisor to cyber security strategy, architectures, controls, processes, policies, compliances, and maturity reviews. You will anchor business pursuit initiatives, client training, in-house capability building etc. You will have the opportunity to shape value-adding consulting solutions that enable our clients to meet the changing needs of the global landscape, leveraging Infosys service offerings and capabilities, working collaboratively with various teams within Infosys and customer organizations.

• Extensive industry experience working in enterprise cyber security domain
• Proven knowledge and hands on experience in designing (and delivering) cybersecurity solutions around the functions listed above across more than 3-4 subdomains of security tools and techniques in the area of Infrastructure Security (e.g. Anti-DDoS, Firewall, NIPS, WAF, NDR, NSPM, EDR, EPP, Deception, SASE, ZTNA etc.) , Data Security (e.g. DLP, DAM, PKI, Key Mgmt., Certificate Mgmt., DSPM, Data Masking, Encryption etc. ), Application Security ( e.g. SAST, DAST, SCA, IAST etc.) , Cloud Security( e.g. CNAPP, CASB, SSPM, Native Security from AWS, AZURE, GCP etc.) , Zero Trust Architecture, OT Security, Security Incident Management(e.g. SIEM, SOAR, SOC etc.) , Identity & Access Management ( e.g. IDP, RBAC, SSO, MFA, Conditional access, PAM,PIM etc.) Governance Risk & Compliance (E.g., Risk Management, TPRM, Control Testing, IT Audits & Assessments, Compliance Management etc.),
• Extensive exposure / experience in one or more security tools/platforms and related automation methodologies and solutions
• Deep understanding of various sectoral/national/global standards/regulations/frameworks like ISO27001, ISO27701, NIST CSF, CIS, SOX, PCI DSS, HIPAA, CCPA, NIS2, DORA, GDPR, SOCI, MAS-TRM etc & experience of compliance readiness preparation engagement for global customers
• Good level of exposure / experience in ISO 31000, ISO 22301, ISO 22316, SOC2, NIST SP 800-53, CMMC, FedRAMP, NERC-CIP, ITAR etc
• Good understanding of the cyber industry trends and technologies e.g., Zero Trust Architecture, Responsible AI, Security Automation, Cyber Vendor Consolidation, DevSecOps, Cyber Mesh Architecture etc.
• Creation of consulting and advisory frameworks, blueprints & knowledge base documents
• Excellent cross cultural skills working seamlessly with a globally distributed workforce and customers
• Self starter able to independently drive and execute the work meeting quality and timeline commitments, multi tasking across multiple medium/large complexity proposals as needed

• A broad outlook through exposure to an ecosystem of diverse cultures, stakeholders as well as emerging tools, technologies, regulations, standards etc,
• Experience with similar roles in consulting teams or organizations.
• Relevant industry certifications like CISSP, SSCP, CCSP, CCSK, CISA, CISM, CRISC, CGEIT, CSX-P, CDPSE, CIPP, CIPM, CIPT, CEH

• High analytical skills
• A high degree of initiative and flexibility
• High customer orientation
• Expertise in stakeholder management at the highest level
• High quality awareness
• Excellent verbal and written communication skills (bonus if candidate can speak German and another European language)