Consultant - HITRUST
Job in
682011, Ernākulam, Kerala, India
Listed on 2026-02-05
Listing for:
Confidential
Full Time
position Listed on 2026-02-05
Job specializations:
-
IT/Tech
Cybersecurity, IT Consultant, Information Security, Data Security
Job Description & How to Apply Below
Key Responsibilities
Lead and execute HITRUST (e1, i1, r2) assessments and audits:
Conduct control testing and evidence validation.
Review client-prepared documentation for adequacy and effectiveness.
Evaluate business processes and control requirements.
Prepare and maintain HITRUST work papers and related documentation in line with required methodologies.
Create gap remediation action plans and provide consultative guidance to clients on addressing identified control weaknesses.
Deliver SOC 2 assessments (readiness or attestation support), including testing of controls and preparing required documentation.
Draft detailed reports, including assessment findings, observations, and recommendations; present results to client stakeholders.
Work collaboratively with clients to ensure engagement success, proactively addressing questions, concerns, and opportunities for improvement.
Manage multiple concurrent projects while adhering to timelines and deliverable schedules.
Assist clients with internal and external audit readiness and corrective action implementation.
Facilitate workshops, security awareness sessions, and management reviews as needed.
Stay updated on HITRUST, SOC 2, ISO 27001, and regional regulatory requirements, providing advisory support based on emerging industry trends.
Willingness to adjust working hours to align with client time zones (IND/US/EU) as required by project engagements
Deliverables and Outcomes
Hands-on experience with HITRUST CSF assessments (e1, i1, r2) and/or SOC 2 (Trust Services Criteria).
Strong knowledge of ISO 27001:2022 and ISO 27002 controls, ISO 31000 (risk management), and related frameworks.
Familiarity with regulatory environments such as HIPAA, GDPR, and other data protection laws.
Experience conducting internal/external audits, gap assessments, and managing certification/attestation engagements.
Understanding of information security principles (CIA) and their application in enterprise environments.
Working knowledge of cloud security and common platforms (Azure, AWS, GCP).
Exposure to security operations and GRC tools.
Strong documentation and reporting skills; ability to present findings effectively to senior stakeholders.
Key Skills
Hands-on experience with HITRUST CSF assessments (e1, i1, r2) and/or SOC 2 (Trust Services Criteria).
Experience with ISO
27001 (ISMS), ISO
31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2
Familiarity with regulatory environments such as HIPAA, GDPR, and other data protection laws.
Experience conducting internal/external audits, gap assessments, and managing certification/attestation engagements.
Understanding of information security principles (CIA) and their application in enterprise environments.
Working knowledge of cloud security and common platforms (Azure, AWS, GCP).
Exposure to security operations and GRC tools.
Strong documentation and reporting skills; ability to present findings effectively to senior stakeholders.
Competencies
Analysis Skills
Independence
Customer Focus
Communications
- Oral & written
Persuasion
Adaptability to Change
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×