IKS Healthcare - Senior Manager/Manager - Information Security Audit

Job Description

Position Title:

Sr. Manager / Manager - Information Security Audits

Reporting to: Assistant Vice President/Vice President

Location: Mumbai

Job Description:

- Provide professional audit work, individually or as part of a team, in conducting reviews of assigned organizational activities in accordance with Standards for the Professional Practice of Internal Audit, and department standard.

- Plans and executes corporate information technology (IT) audit projects designed to provide assessment of internal control processes and operational performance, in accordance with department and professional standards.

- Conduct Information security system audit/Vulnerability assessments to identify threats and vulnerabilities in the infrastructure and analyse their significance appropriately.

- Experience in managing end to end activities for certification/attestations to various standards such as ISO 27001, SSAE16, PCI-DSS

- Knowledge and experience in areas of on Ethical hacking, Penetration testing, Cloud security, Application security testing.

- Use knowledge of the current IT environment and industry IT trends to identify potential issues and risks.

- Participates in reviews of internal controls and security of systems under development as well as major IT projects and initiatives.

- Reviews all system-related information security plans throughout the organization's network to ensure alignment between security and privacy practices, and acts as a liaison to the information systems department.

- Maintains current knowledge of applicable federal and state privacy laws and accreditation standards, and monitors advancements in information privacy technologies to ensure organizational adaptation and compliance.

- Facilitate the development, implementation, communication and enforcement of privacy policies throughout the system

- Support conformity with the privacy and security policies and procedures as part of the performance evaluation process for all employees and the privileging process for credentialed providers.

Skill Set :

Technical Skills :

- Experience towards end to end implementation of at least two regulations/standards (HIPPA, PCIDSS, ISO 27001 etc.)

- Experience in review/audit or implementation of network security architecture

- Good knowledge of MS Office tools

- Knowledge on Firewall/Switches/Routers/IPS

Process Specific Skills :

- Good logical reasoning and reasonable analytical skills

- Well versed with internal auditing and monitoring methodology

- Reasonable understanding of Data security regulations/standards (HIPPA, Privacy laws, TCPA, PCIDSS), US laws and cyber laws

Soft Skills :

- Assertive and result oriented professional

- Should have confidence and convincing skills

- Team player with potential to demonstrate team leadership skills

Education :

- Primary (mandatory) - Bachelor in IT/Engineering/Technology /Lead Auditor ISO 27001/CISA

- Secondary (desired) - CISSP/ CPISI/CeH/CCNA

Experience :

- 6 -8 years post qualification consulting/auditing experience in Information security/Data Privacy Regulations and Standards related assignments

- At least 2-3 years of relevant experience in BPO/ITES industry

- Experience in managing SOC1/SSAE 16 assessments

Contact Details :

Contact person: Jasleen