This is how we helped a B2B client improve its information security practices to control the availability of information and enable the confidentiality and integrity that were critical to its business growth
December 15, 2022 | By Accorian
ISO 27001
To meet the growing demands of their services, the client had implemented sophisticated technology assets for business operations, thereby increasing the organization’s exposure to attacks on its IT and business infrastructure. To overcome this, the client had to place immense emphasis on improving information security practices with regard to the confidentiality, integrity, and availability of information within the company. For this, they hired Accorian to implement IT risk management processes, align internal privacy standards with international standards, and incorporate maturity in documentation.
Perform Penetration Testing for networks (internal & external), applications, APIs & cloud assets along with Red & Purple Team assessments
Vulnerability identification and analysis
Collaborate with team members and stakeholders to define project scopes, review test results, and determine remediation steps
Draft reports and communicate complex security concepts and test findings to clients and stakeholders
Make expert recommendations to help clients improve their information security program
Work on researching & developing utilities, toolkits, processes, tactics, and techniques
Qualifications & Requirements
5-7 years of penetration testing experience, preferably in highly regulated industries and for global clients
At least 2-3 years of experience in managing a team is a plus
Proficiency with scripting and programming languages
Advanced problem-solving skills
OSCP/OSWE certification preferred, but GPEN, GWAPT, GXPN, CREST, CESG, and similar certifications are a plus
Experience with Cobalt Strike a plus
Strong written and verbal communication skills
Ability to work autonomously with little directional oversight
Ability to lead a project and multiple testers
Commitment to quality and on-schedule delivery, and a proven ability to establish and meet milestones and deadlines
Customer-focused mentality to understand and appropriately respond to customers’ business needs
A day in the life
Perform Penetration Testing for networks (internal & external), applications, APIs & cloud assets along with Red & Purple Team assessments
Vulnerability identification and analysis
Collaborate with team members and stakeholders to define project scopes, review test results, and determine remediation steps
Draft reports and communicate complex security concepts and test findings to clients and stakeholders
Make expert recommendations to help clients improve their information security program
Work on researching & developing utilities, toolkits, processes, tactics, and techniques
Qualifications & Requirements
2-4 years of penetration testing experience, preferably in highly regulated industries and for global clients
Proficiency with scripting and programming languages
Advanced problem-solving skills
OSCP certification preferred, but GPEN, GWAPT, GXPN, CREST, CESG and similar certifications are a plus
Experience with Cobalt Strike a plus
Strong written and verbal communication skills
Ability to work autonomously with little directional oversight
Ability to lead a project and multiple testers
Commitment to quality and on-schedule delivery, and a proven ability to establish and meet milestones and deadlines
Customer-focused mentality to understand and appropriately respond to customers’ business needs
JD for Compliance Services
Accorian is an emerging, well-funded cybersecurity strategy consulting start-up with a global clientele, headquartered in New Jersey with regional offices in UAE & India. Our team comprises cybersecurity & IT industry veterans who’ve held leadership & CXO roles at large global enterprises. We help secure disruptors & technology-first companies in the US who are trailblazers in their own fields & will emerge as the next unicorn of the world. Our clients range from FinTechs, HealthTechs, MSPs, SaaS etc.
Benefits include best-in-class salaries, bonuses, family insurance, exposure to global clients working on next-gen technologies, working with a team with an average experience of 15+ years in technology & security and overall experience of conducting 100s of audits, assessments, trainings, labs etc.
A day in the life
Aid our clients in implementing & meeting various standards, regulatory and compliance requirements such as SOC 2, HIPAA, HITRUST, NIST CSF, ISO27001 etc.
Assist senior members of the team with assessments and audits
Ensure the effectiveness of the IT compliance and security program & assist in developing and executing mitigation plans
You will aid our clients in meeting various standards by:
Enhancing the client’s understanding of the standard by breaking down the requirement statements, tasks & specifications
Facilitate/conduct activities like Risk Assessment, Control Testing, Pre-audit/Internal Audit
Program-manage the successful implementation of the standard/s
Design Policies & Procedures and Security Controls
Provide expert opinion on mandatory tools and technologies
Prepare Technical designs & business case studies for various IT security technologies & products.
Conduct audits/assessments including audit plan preparation, review of documentation & evidence, evaluation of procedures, and client interviews
Manage priorities and tasks to achieve delivery utilization targets
Qualification / Requirement
Relevant experience in compliance services
Security Certification
Advanced problem-solving skills & attention to detail
Strong written and verbal communication skills
Ability to work autonomously with little directional oversight
Ability to lead a project and multiple consultants & client resources
Commitment to quality and on-schedule delivery
Customer-focused mentality to understand and appropriately respond to customers’ business needs