Job Description

Our client is seeking a highly experienced NIST implementor to lead and execute cybersecurity frameworks and compliance programs based on NIST CSF 1.1, NIST CSF 2.0, NIST 800-53, NIST 800-30, NIST 800-37, and NIST Risk Management Framework (RMF).

We are looking for immediate joiners who can bring practical experience in implementing and managing NIST-based security programs for enterprise clients.

Requirements

Key Responsibilities:

NIST Framework Implementation and Cybersecurity Compliance & Governance

  • Implement NIST Cybersecurity Framework (CSF 1.1 & CSF 2.0), NIST 800-53, and NIST RMF across enterprise environments.
  • Conduct NIST gap assessments, risk assessments, and maturity modelling to evaluate an organization’s security posture.
  • Align NIST 800-53 controls with business processes and regulatory requirements.
  • Perform bidirectional mappings between C2M2 and NIST CSF to evaluate control alignment.
  • Ensure security controls align with ISO 27001, CIS Controls, ITGC, ITAC.
  • Develop and implement security policies, procedures, and guidelines based on NIST standards.
  • Develop maturity models based on NIST CSF and C2M2 frameworks.
  • Establish C2M2-to-CSF and CSF-to-C2M2 mappings to assess cybersecurity maturity.
  • Apply NIST OLIR (Online Informative References) guidelines for framework integration. 

Stakeholder Engagement & Security Advisory

  • Work closely with C-level executives, security teams, auditors, and regulators to ensure compliance.
  • Prepare risk reports, dashboards, and technical assessments for stakeholders.
  • Provide security training and awareness to teams on NIST implementation.

Requirements:

Education & Expertise:

  • Bachelor’s or master’s degree in computer science, Cybersecurity, Information Technology, or related fields.
  • Deep knowledge of NIST frameworks:
  • NIST CSF 1.1 & 2.0, NIST 800-53, NIST 800-30, NIST 800-37, NIST RMF.
  • NIST gap assessments, security control implementation, and maturity modelling.
  • C2M2-to-CSF and CSF-to-C2M2 bidirectional mappings.
  • Experience in controls testing, security control validation, and effectiveness assessment.
  • Strong understanding of regulatory frameworks (ISO 27001, SOC 2, PCI DSS, RBI, SEBI, GDPR).
  • Expertise in cyber risk assessment methodologies, cloud security (AWS, Azure, GCP), and IT governance.
  • Technical Control- ToD ( Test of Design) , ToE (Test of Effectiveness). 

Certifications (Preferred):

CISSP, CISM, CISA, CRISC, CCSP, CGEIT, ISO 27001 LI/LA, AWS Security Specialty, Azure Security Engineer.

Benefits

Work with one of the Big 4's in India

Healthy work Environment

Work Life Balance

Apply for this Position

Ready to join ? Click the button below to submit your application.

Submit Application