Job Description:
Looking for smart, energetic, self-motivated, process-oriented folks for our growing Global Compliance team!
Roles & Responsibilities:
- Have a strong understanding of Information Security and Risk Management frameworks
- Good knowledge of models, standards and control frameworks such as CMMI/ISO 9001/ISO 27001/SOC/COBIT
- Experience in identifying security threats, vulnerabilities and risks with respect to the organization
- Adequately analyze and document all information systems and related controls and develop an appropriate audit program to test the controls identified
- Evaluate the adequacy of security and processing controls as they relate to each audit, and the effectiveness of general IT controls in effect in the IT environment
- Have experience in managing external audits and vendor risk assessments
- Have experience in conducting Internal Information Security audits
- Robust understanding of the software development life cycle with a security focus
- Good awareness of project management methodologies, including Agile frameworks
- Have the ability to prepare, review, maintain and manage changes to policy and procedure documentation
- Able to develop and conduct training on quality, security and data privacy
- Good understanding of security-related aspects of an organization's IT Infrastructure, HR, Admin and Operations activities
- Maintain active communication with clients and leadership to manage expectations, ensure satisfaction, make sure deadlines are met, and lead change efforts effectively
- Experience in handling security incidents and driving the incident investigation committee
- Exposure to global data privacy regulations like GDPR/CCPA
- Team with sales and marketing to review RFPs and provide effective feedback
- Strong written & verbal communication skills
Experience: 3-6 Years
Preferable experience in:
- Conducting vulnerability assessments & penetration testing and analyzing related reports
- IT SOC and Network security
- Web application security
Education:
- UG: Any Graduate – Any Specialization
- PG: Any Postgraduate – Any Specialization
Certifications:
- CISA/CISM
- ISO 9001/27001 Lead Auditor