Manager/Sr Manager/Director - IT & Information System Security Risk Governance - Big4

About the company : Big 4 Consulting Firm

Title : Manager, Senior Manager, Director - IT & Information System Security Risk Governance

Responsibilities :

- Carry out Information Security Assessments and Audits, Review organisational preparedness towards the implementation of ISMS aligned to ISO27K

- Assist is certification and ongoing compliance of the organisation for ISO27K, PCI-DSS, SSAE 16, SOX standards and other regulatory requirements

- Conduct cyber security assessments w.r.t RBI guidelines, IT Act and compliance to regional specific regulatory requirements in Banking and Insurance domains

- To implement organisational specific framework, build policies, standards and control documents as per ISMS requirements

- To assess and review Business Continuity Management Framework implementation including Business Impact and Risk Assessment, BCM strategy and policy

- To assess and review IT Disaster Recovery Plan, Conduct DR Drills and Tests

- Assist is building Data Privacy frameworks and subsequent implementation

- To create frameworks, determine KPIs and KRAs, implement Info Secure risk measurement methodology and build cyber security assessment tool which align with NIST, FFIE model

- Business development support in building RFP, Sizing effort estimates

Requisite Skills :

- 10+ years of hands on experience in conducting risk assessment and implementation of polices, standards and controls

- Lead the organisation towards certification of ISO27K, PCI-DSS

- Experience in handling large multi locational data center, BCP/DR assessment programs

- Experience in sectors like BFSI, High end engineering, Pharma and Telecommunications

- Certifications like CISA, CISSP, ISO27000LA, PMP, CEH, Data Privacy Assurance, BCP/BCM, ITDR