Job Description
Role: Cybersecurity Delivery Consultant – BFSI
Location: Onsite
Job Summary –
Minimum of 15 years of experience in cybersecurity consulting, with a focus on the banking or financial services industry.
Role Overview:
As a Cybersecurity Delivery Consultant focused on the banking sector, you will play a crucial role in delivering cybersecurity strategies, solutions, and services that ensure the confidentiality, integrity, and availability of critical financial systems. You will work closely with banking clients to understand their unique security needs, conduct comprehensive consulting and security assessments, design tailored security solutions, and manage the seamless delivery of these solutions. The ideal candidate will have deep expertise in banking regulations, security frameworks, and practical hands-on experience implementing security solutions in a highly regulated environment. Additionally, you will be instrumental in integrating Automation, Generative AI (GenAI), Cyber Fraud Detection, Quantum Risk Management, and metric-based performance to ensure continuous improvement and efficiency in security processes.
Technical Skills:
Expertise in key cybersecurity domains such as network security, endpoint protection, cloud security, and data protection.
Experience with cybersecurity automation tools (e.g., SOAR, automated patch management) and security orchestration platforms.
Strong understanding of Generative AI (GenAI) technologies and their application in security, including AI-driven threat detection and risk mitigation.
Experience in developing and reporting security metrics, including KPIs and KRIs, to assess security performance.
Hands-on experience in cyber fraud detection technologies and implementing fraud prevention measures.
Solid understanding of quantum risk management, particularly the implications of quantum computing on cryptography and banking security.
Soft Skills:
Strong client-facing communication skills, with the ability to articulate complex cybersecurity concepts to non-technical stakeholders.
Excellent project management skills, including experience managing timelines, budgets, and resources for cybersecurity initiatives.
Strong problem-solving and analytical skills with the ability to work under pressure in fast-paced environments.
Ability to mentor junior team members and collaborate with cross-functional teams to deliver comprehensive solutions.
Key Responsibilities:
Consulting and Strategy Development:
Provide strategic cybersecurity consulting services to banking clients, identifying security gaps, defining business-specific security objectives, and offering guidance on security architecture and solutions.
Conduct security assessments including risk assessments, vulnerability assessments, and threat modeling to identify potential vulnerabilities and threats in banking environments.
Develop tailored cybersecurity strategies, ensuring compliance with relevant regulatory requirements (e.g., PCI DSS, GLBA, SOX, GDPR).
Solution Design and Implementation:
Design, deploy, and manage cybersecurity solutions for banking customers, including network security, cloud security, endpoint protection, and data security.
Implement security controls that address vulnerabilities in banking systems, ensuring continuous protection against evolving cyber threats.
Lead technical delivery of security solutions, ensuring alignment with security architecture, governance, and compliance standards.
Cyber Fraud Detection:
Implement and optimize cyber fraud detection solutions to identify and mitigate fraudulent activities across digital banking channels.
Design fraud prevention strategies using advanced technologies like AI and machine learning to detect anomalies and prevent financial crimes.
Develop and fine-tune fraud detection algorithms and tools to monitor transactions, account activity, and prevent cyber-enabled financial fraud.
Automation and Optimization:
Lead efforts to automate security processes and workflows, leveraging tools such as Security Orchestration, Automation, and Response (SOAR) platforms to streamline incident management, threat detection, and remediation.
Implement Automated Threat Intelligence systems to improve proactive security defenses and reduce time-to-respond to incidents.
Integrate automation into risk management processes, including vulnerability scanning, patch management, and reporting.
Generative AI (GenAI) Adoption and Innovation:
Drive the adoption of Generative AI (GenAI) technologies in security processes to enhance threat detection, vulnerability assessments, and incident response capabilities.
Explore and integrate AI-driven solutions to identify new attack vectors, automate security analytics, and predict potential future threats in the banking environment.
Lead client discussions on the strategic use of GenAI to enhance predictive capabilities in cybersecurity defense.
Quantum Risk Management:
Assess the impact of quantum computing on banking security systems and provide guidance on managing potential quantum risks.
Work with clients to understand the implications of quantum computing on encryption protocols and develop strategies to future-proof systems against quantum-enabled threats.
Stay abreast of advancements in quantum computing, quantum cryptography, and potential vulnerabilities associated with quantum technologies in the banking sector.
Risk Management and Compliance:
Conduct detailed security assessments, risk analyses, and audits for banking clients, identifying vulnerabilities and ensuring mitigation.
Provide guidance on cybersecurity regulations and frameworks, ensuring that banking customers comply with industry standards such as ISO 27001, NIST, and PCI DSS.
Assist with audit preparation, regulatory reporting, and responding to security audits or assessments from external entities.
Metric-Based Security Performance:
Establish and track key performance indicators (KPIs) and key risk indicators (KRIs) to measure the effectiveness of implemented security solutions and ongoing initiatives.
Utilize security metrics to continuously assess and improve the bank's security posture, demonstrating measurable improvements in risk reduction, incident response, and compliance.
Provide regular reports and dashboards for clients that detail security performance, vulnerability management progress, and ROI on security investments.
Incident Response and Recovery:
Lead and support incident response activities for banking clients, including threat detection, containment, and remediation efforts.
Develop and execute incident response plans, disaster recovery strategies, and business continuity plans tailored to banking operations.
Client Relationship Management:
Build and maintain strong relationships with banking clients, ensuring effective communication and project delivery.
Serve as the primary point of contact for all cybersecurity-related initiatives, providing timely updates and addressing client concerns.
Guide and mentor client teams on cybersecurity best practices, including security awareness training and governance.
Continuous Improvement and Reporting:
Continuously evaluate and improve existing security processes and controls to ensure maximum protection and risk reduction.
Prepare detailed reports, documentation, and presentations for clients, ensuring clarity on security risks, mitigation strategies, and project progress.
Experience:
Minimum of 15 years of experience in cybersecurity consulting, with a focus on the banking or financial services industry.
Proven track record of delivering complex cybersecurity projects within the banking sector.
Deep understanding of banking regulatory requirements and industry-specific frameworks, including PCI DSS, GLBA, SOX, NIST, and GDPR.
Hands-on experience with security consulting, conducting security assessments (risk assessments, vulnerability assessments, penetration testing), and fraud detection strategies.
Education qualification:
Bachelor’s degree, preferably in Computer Science or Information Systems, and/or equivalent formal training or work experience.
Preferred Qualifications:
Experience with banking-specific security tools (e.g., secure banking applications, transaction monitoring systems).
Familiarity with DevSecOps practices and secure software development lifecycle (SDLC) in the context of banking applications.
Knowledge of emerging cybersecurity technologies, such as AI/ML-driven security solutions and blockchain security.
In-depth understanding of the latest developments in quantum cryptography and its implications on financial services.
Certifications Needed:
Relevant cybersecurity certifications such as CISSP, CISM, CISA, PCI Professional, or equivalent are strongly preferred.
Additional certifications in cloud security (AWS, Azure, GCP), ethical hacking (CEH), or security auditing are a plus.
About Mphasis
Mphasis applies next-generation technology to help enterprises transform businesses globally. Customer centricity is foundational to Mphasis and is reflected in Mphasis’ Front2Back™ Transformation approach. Front2Back™ uses the exponential power of cloud and cognitive to provide hyper-personalized (C=X2C²™=1) digital experience to clients and their end customers. Mphasis’ Service Transformation approach helps ‘shrink the core’ through the application of digital technologies across legacy environments within an enterprise, enabling businesses to stay ahead in a changing world. Mphasis’ core reference architectures and tools, speed and innovation with domain expertise and specialization are key to building strong relationships with marquee clients.
Skills
PRIMARY COMPETENCY : Leadership
PRIMARY SKILL : Account Delivery Management
PRIMARY SKILL PERCENTAGE : 100
Equal opportunity Employer:
Mphasis is an equal opportunity/affirmative action employer. We provide equal employment opportunities to applicants and existing associates and evaluate qualified candidates without regard to race, gender, national origin, ancestry, age, color, religious creed, marital status, genetic information, sexual orientation, gender identity, gender expression, sex (including pregnancy, breast feeding and related medical conditions), mental or physical disability, medical conditions, military and veteran status or any other status or condition protected by applicable federal, state, or local laws, governmental regulations and executive orders.