| Company | Deloitte |
| Entity | Deloitte Touche Tohmatsu India LLP |
| Job Title | Manager \| ISO 27001 \| Cyber Strategy & Transformation |
| Designation | Manager |
| Job Requisition ID | 99903 |
| Location | Bengaluru |
| Practice / Team | Cyber Strategy & Transformation |
| Role Objective | Lead ISO/IEC 27001-based Information Security Management System (ISMS) implementation and cyber risk transformation projects |
| ISMS Implementation | Design, implement, and maintain ISMS aligned with ISO/IEC 27001:2022 for global clients |
| Gap Analysis | Conduct gap assessments against ISO 27001 requirements and Annex A security controls |
| Risk Management | Perform information security risk assessments using frameworks such as ISO 27005 |
| Statement of Applicability (SoA) | Define and justify control inclusion/exclusion based on client risk posture |
| Internal Audit | Conduct internal ISMS audits before external certification audits |
| Policy Development | Create security policies, standards, and procedures tailored to client organizations |
| Project & Engagement Management | Manage project timelines, budgets, resources, and delivery of large cybersecurity engagements |
| Quality Assurance | Review deliverables from consultants to ensure Deloitte quality standards |
| Stakeholder Management | Present security findings and roadmaps to C-Suite executives such as CISO, CIO, and CRO |
| Reporting | Develop dashboards and risk reports for senior leadership |
| Business Development | Lead RFP proposals and identify additional cybersecurity consulting opportunities |
| Thought Leadership | Contribute to whitepapers, conferences, and internal methodologies |
| Team Leadership | Mentor junior staff, guide career development, and support recruitment |
| Integrated Framework Consulting | Map ISO 27001 controls with frameworks such as NIST CSF, SOC2, HIPAA, and GDPR |
| GRC Tools Advisory | Guide clients on GRC platforms like ServiceNow, OneTrust, and Archer |
| Certification Support | Coordinate with certification bodies during Stage 1 and Stage 2 ISO certification audits |
| Experience Required | 7–10 years in Cybersecurity with 4–5 years focused on ISO 27001 |
| Required Certifications | ISO 27001 Lead Implementer or Lead Auditor |
| Preferred Certifications | CISSP, CISM, CISA |
| Education Requirement | Bachelor’s or Master’s degree in IT, Cybersecurity, or Risk Management |
| Key Soft Skills | Executive communication, leadership, stakeholder management, strategic thinking |