Job requisition ID: 88249
Date: Aug 25, 2025
Location: Pune
Designation: Consultant
Entity: Deloitte Touche Tohmatsu India LLP
Job Title: Consultant - NIST Implementation
Experience Required: 3-5 years
Location: [Insert Location / Hybrid / Remote]
Role Overview:
We are seeking a Consultant with 3-5 years of experience in cybersecurity and compliance to support the implementation of the NIST Cybersecurity Framework (CSF) and related standards (e.g., NIST SP 800-53, 800-171). The role requires hands-on expertise in designing, implementing, and assessing network security controls aligned to NIST guidelines. The consultant will work closely with clients to strengthen their security posture, ensure compliance, and support risk management initiatives.
Key Responsibilities:
* Assist in the implementation and operationalization of NIST CSF, NIST 800-53, and NIST 800-171 controls across enterprise environments.
* Conduct gap assessments against NIST frameworks to identify compliance gaps and recommend remediation strategies.
* Design, implement, and monitor network security controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, segmentation, and access control mechanisms.
* Develop and maintain security policies, procedures, and technical standards aligned to NIST guidelines.
* Support risk assessments, security control testing, and audits to evaluate control effectiveness.
* Collaborate with IT, security, and business teams to ensure security requirements are embedded into processes and technologies.
* Provide consulting and advisory support to clients on NIST compliance, governance, and network security best practices.
* Prepare documentation, reports, and evidence for internal and external audits.
* Stay updated with changes in NIST publications, regulatory requirements, and industry standards.
Required Skills & Qualifications:
* 3-5 years of experience in cybersecurity, information security governance, or compliance consulting.
* Strong knowledge of NIST CSF, NIST 800-53, and NIST 800-171 frameworks.
* Hands-on experience with network security technologies (firewalls, IDS/IPS, SIEM, VPN, NAC, segmentation).
* Understanding of risk management methodologies and regulatory compliance (e.g., ISO 27001, PCI DSS, HIPAA).
* Experience in developing and implementing security policies, procedures, and control frameworks.
* Familiarity with vulnerability management, incident response, and security monitoring processes.
* Strong communication skills with the ability to present findings and recommendations to technical and business stakeholders.
* Bachelor's degree in Computer Science, Information Security, or a related field.
* Relevant certifications (preferred): CISSP, CISM, CISA, CompTIA Security+, CCSP, ISO 27001 LA/LI.
Preferred Skills:
* Prior consulting/advisory experience with Big 4 or global consulting firms.
* Exposure to cloud security controls (AWS, Azure, GCP) aligned to NIST and CIS benchmarks.
* Knowledge of Zero Trust Architecture (ZTA) principles.
* Familiarity with automation tools for compliance and control monitoring.