Consulting Partner - CIO Advisory
Experience & Expertise
Skills & Competence required
- Must have been a Consulting Head in the Security & Risk Management consulting domain for a minimum of 5+ Years.
- Must have a built and managed teams with 15+ Consultants
- Must have coached and mentored consultants with varying experience, skillsets, domain expertise and from varied cultural backgrounds.
- Must have worked with Global System Integrators or Leading Consulting organisations
- Must have 15+ years in the domain of Security & Risk Management
- Must have specialisation in the domain of Cyber Risk Management Consulting
- Must have expertise on one of more of the following domains of Risk Management:- IOT, Digital, Cloud, Enterprise
- Must have 20+ years of experience in the domain of Security & Risk Management
- Must be in the Security & Risk Management Consulting for 10+ Years
- Must have Specialisation in the domain of Cyber Risk Management Consulting
- Must have a Strong understanding of IT infrastructure concepts and architectures, including IT network, operating system, middleware configurations and the OSI model
- Must have Coached and mentored consultants with varying experience, skillsets, domain expertise and from varied cultural backgrounds.
- Designing and/or implementing IT security solutions in an enterprise
- Carry out Risk Assessments related to Cyber Security Posture of Enterprises,
- Risk Assessments and Gap Analysis of Networks, Cloud, Data Center infrastructure w.r.t standard frameworks like ISO27K1, PCI DSS, NIST frameworks.
- Carry out Compliance Reviews for GLBA, SOX, HIPAA, ISO 27K1 and industry specific regulations such as FFIEC for Financial Institutions
- Lead initiatives for (Re)Architecting and (Re)Engineering of Controls to enhance the Security Posture of the enterprise
- Lead Process (Re)Engineering initiatives of key processes related to Security Management leading to Process Improvement and Operational Reviews
- Carry out 'Needs Assessment' & 'As-Is Analysis' and worked out business cases presenting ROI, Cost Benefit Analysis etc
- Experience with solutions and products in the following IT security domains:
- Perimeter & Network Security
- Malware Monitoring, Detection and Protection
- Incident Response
- Security Baselining & Change Management
- Data Governance, Privacy, Protection and Security
- Identity Life Cycle Management
- Cloud Security and Risks Management
- Cyber Security, Cyber Defense
- Business Continuity Management
- Lead periodic projects (assisting with research, special analysis requested by Managers, Partners, etc.)
- Build, Develop and Sustain relationships with clients and participating in networking/business development activities
- Engage in professional development activities, including completion/renewal of professional certification(s)
- Good understanding of building business cases for Outsourcing, Insourcing, benefit analysis of Outsourcing v/s Insourcing for various initiatives
- All candidates must have full travel mobility
Strong interpersonal and communication skills required to:
- Analytical skills required to conduct technology and risk assessments, gap analysis, identifying (re)engineering or (re)architecting initiatives
- Effective time management skills by completing assignments within budgets and calendar schedules; identify opportunities to improve engagement profitability
- Problem solving skills to generate innovated ideas and challenge the status quo
- Knowledge of architecture methodologies, standards, frameworks and tools (e.g. TOGAF, Zachman, COBIT, UML)
- Two or More Certifications CISSP, CISA, CCNP, CRISC, C:CISO etc is a must
Role & Responsibilities
- Promote positive working relationships with diverse personalities/roles at all levels in the firm and among clients
- Ability to communicate effectively both verbally and through written material
- Explain and interpret technical information to non-IT people
Responsibilities - Practice development
- Responsible to position himself / herself as a 'Trusted Advisor' in the assigned accounts / set of accounts
- Responsible to build relationship with all the key stakeholders, both from Wipro's Ecosystem and the Client Ecosystem.
- Responsible to Identify and address a full range of issues from structure and policy, through to assisting in specific areas such as data privacy, data leakage prevention/monitoring, information rights management, vendor related risks, or any other Cyber Security / Defense related controls
- Responsible to Define information security strategies, including guiding principles and future state vision, ensuring that the strategic objectives are aligned with business goals
- Responsible to Developing and embedding IT security systems architecture to support that strategy
- Assessment of security architecture, analysis of issues and development of recommendations for their resolution
- Defining key initiatives that will be incorporated in any strategic roadmap, including key drivers, benefits, objectives and deliverables, in collaboration with business and IT stakeholders
- Responsible to develop and evangelise value propositions,
- Responsible to build, produce and present reports and other client deliverable, as required.
- Work with the Consulting head / Managing Partner to define new strategies, develop and evangelise value propositions to existing and new clients
- Responsible for articulation and publication of Whitepapers, Blogs, Articles etc periodically, based on the norms set.
- Responsible for building proposals, presentations for his / her own consulting engagements
- Responsible for evangelising value propositions from the larger CRS practice
- Responsible for identifying and nurturing cross-sell and up-sell opportunities to build business.
- Be Responsible for Sales, Revenue and Delivery Targets of the Consulting Engagements for the assigned portfolio
- Be Responsible for Margins, Profitability of the engagements
- Be Responsible for Managing Billability norms for the consulting team
- Be Responsible for Employee Retention [80% of Top Performers]
"Wipro is an Equal Employment Opportunity employer and makes all employment and employment-related decisions without regard to a person's race, sex, national origin, ancestry, disability, sexual orientation, or any other status protected by applicable law"