InnoQuest Consulting comprises a core team of seasoned Talent Acquisition professionals with experience across diverse industries, including IT, ITeS, Banking & Financial Services and Telecom, with the team's core expertise in Mid/Senior Management & Leadership hiring.
About our client:
Our client is a leading business process and software services provider serving multiple industries with key focus on the financial services industry.
Min. Qualification: Post Graduate in Technology / Science; Bachelor in Technology / Science with MBA or relevant professional certification
Skills and Behavioural traits
- Hands-on experience of auditing ISO/IEC 27001:2005, ISO 31000, PCI DSS, SSAE 16, GLBA, ITIL
- Clear understanding & knowledge of Information Security, IT security, Data Privacy, BCM & Risk Based Audits
- Experience of project management
- Knowledge of ISO 31000 & COBIT
- Presentation skills
- Decision making capability
- Team management
- Analytic capability
- Time management
- Effective prioritization
Essential duties and responsibilities include the following: (other duties may be assigned)
- Managing a team of information security & risk auditors and grooming them in the domain
- End-to-end security, technical, data privacy & risk-based audit lifecycle management, and producing quality reports on time with recommendations
- Interacting with Functional Management & Internal Client to moderate the activities of the security & risk audit
- Control efficiency auditing and compliance assurance
- Maintaining the GRC Framework including client controls
- Document review, gap assessment and document updating
- Identifying ineffective security controls and reporting them to Head ESRG along with an efficient and cost-effective control plan
- Evaluating the asset-based risk assessment document and conducting the risk assessment workshop
- Maintaining the audit control checklist
- Conducting audits in line with the ISO, PCI, SSAE 16 and DPA frameworks to assure control adherence and improvement
- Interacting with functional management & internal client to coordinate the activities of the audits
- Serving as an internal information security consultant to the organization
- Documenting/reviewing security policies and procedures as per the instruction of ESRG Head
- Creating information security awareness within the organization
- Identifying new risks to the organization and recommending controls
- Conducting in-house workshops
- Presenting weekly & monthly status reports along with a dashboard to Head ESRG