Ocwen - Assistant Manager - Information Security Audits & Incidents

Ocwen Financial Corporation (NYSE:OCN) is an industry leader in residential and commercial mortgage loan servicing. Ocwen is headquartered in Atlanta, Georgia, with offices in West Palm Beach and Orlando, Florida and Washington, DC and support operations in India and Uruguay. At Ocwen, we make our clients loans worth more by leveraging superior processes, innovative technology and high-quality global human resources.

Responsibilities:

- Implement the Information Security Policy and Standards across the organization

- Manage ISO 27001 ISMS audits and certification program

- Assist the reporting team and IT Stakeholders in defining IT strategy, information architecture and other technology directions

- Conduct assessment/review of IT processes and recommend action for improving IT governance maturity using reference frameworks like ISO 27001/ ITIL/others

- Operate and maintain the Information Security Management System (ISMS) of IT services based on ISO 27001

- Plan and implement ISMS in key business functions

- Asses and manage information risks enterprise risk management

- Maintain up to date Information Security policy and procedure documents, including but not limited to incident response, IT security policy, segregation of roles and responsibilities, audit plans, methodology, risk register, etc

- Develop and institute standards, policies, procedures, guidelines

- Perform security audits

- Maintain compliance to accreditations/certifications like ISO 27001 (surveillance, re certification audits)

- Review the Information Security training programs for staff and work towards continuous improvements.

- Interface with business users, collect their feedback on IT functions performance, and drive improvements

- Keep abreast with latest security and privacy regulations, advisories and alerts.

Qualifications and Experience:

- Bachelor of Engineering or equivalent

- 10-14 yrs of experience in the field of Information Technology & Security audits

- At least five (5) years of Information Systems & Security audit experience

- Experience in implementing IT controls within the IT governance framework and designing overall governance framework using standards like ISO 27001/ITIL

- Understanding and experience with risk and compliance (GRC) concepts

- Working hands-on knowledge of ISO 27001, ITIL

- At least three (3) years of Information Systems & Security audit experience

- Preferred, exposure to Financial Services industry

- Strong organizational and planning skills

- Excellent communication skills (written, verbal and interpersonal) including effective presentation and training skills to all levels of the organization and the ability to communicate IT risk in business terms; confidence to talk and present to senior leadership

- Effective PC and documentation skills (Excel, Word, PowerPoint, Visio, MS Project etc.)

- Ability to work cooperatively with all levels of staff

- Information Security technical Certifications such as ISO27001, CISSP is must

- Must be able to take initiative in the interest of company and its customers.

- Good communication/ good attitude, commitment and dedication.

- Excellent documentation skills

- Possesses skills like critical thinking, decision-making, conflict resolution, communication, leadership and problem solving skills.

- Certifications such as CISA, CISSP, CISM, CEH, ISO27001 LA required at least two certifications