Cyber Risk & Compliance Consultant

Information Security Consultant

ValueMentor is looking for Cyber Security Risk and Compliance consultants with experience in consulting on cyber security compliance programs such as:

  • ISO 27001 Consulting
  • NESA Compliance
  • ISR Compliance
  • Saudi CSF

We are looking for people with a minimum of 3 to 5 years of experience in at least two of the above standards / regulatory compliance requirements.

Department: Cyber Risk & Compliance
Project Location(s): Bangalore, Infopark - Thrissur, Kochi
Education: Graduate


  1. Run Compliance Workshops – presenting to top-level management, decision makers and risk owners. You’ll be able to explain the standard / regulatory requirements in a clear way, and break them down into tasks that can form the beginning of our clients’ road to achieving ISO 27001 certification
  2. Establish or improve an ISMS – guide our clients through the process of creating and implementing an ISMS
  3. Risk Workshops – working with our clients to introduce them to risk management, and help educate key stakeholders within their business
  4. Manage a risk assessment process – lead the delivery of a risk assessment, including defining the risk management methodology and conducting a risk assessment
  5. Perform control reviews – review the implementation status of technical and non-technical controls, report the findings, and provide pragmatic recommendations
  6. Develop risk treatment plans – work with clients to develop risk treatment plans
  7. Security Awareness Training – deliver end-user security awareness training sessions

You will be delivering client engagements 60-70% of the time, which is split between on-site and remote days for reporting. Our clients are primarily based in India and the Middle East; however, some international travel is required, so all candidates must be willing to travel.


Candidates must have demonstrable experience of delivering client-facing consultancy, covering some or all of the areas listed in the responsibilities section.

The candidate will also:

  • Have at least 3 to 5 years' experience in a consulting role
  • Have a working understanding of ISO 27001 / GDPR / NESA / QNIA / SAMA CSF
  • Have awareness of PCI DSS
  • Understand and have experience of reviewing/managing the following:
    • Server and desktop operating systems
    • Network devices
    • Vulnerability management
    • Physical security
  • Hold ISO 27001 Lead Implementer or Lead Auditor certification


Whilst a collection of certifications is less important than experience, possessing any of the following certifications would be beneficial:

  • CISM
Interested in working with us? Apply now at
Work @ ValueMentor

ValueMentor offers a very challenging and learning-oriented career path for our colleagues. Our colleagues find it exciting to learn new things and contribute to the success of our customers.

  • Values
  • Culture
  • Amazing People
  • High performance