Sr Manager - Information Risk Management

- Manage security requirements for all service locations of client locations for the allocated BU.

- Shall serve as the single point of contact with Clients for incident management and resolution, as well as for all security matters

- Conduct risk assessments for key accounts and advise the account leadership on mitigation

- Engage with business leaders & corporate functions such as legal, HR, IT etc.

- Good understanding of security concepts and their application at work

- Review security exceptions and identify risks

- Monitor the risk mitigation plans

- Review of master service agreements for accounts and advise business team on the compliance aspects.

- Support the business team in requirements on SSAE16, PCI DSS or other regulatory compliance.

- Engage with external & customer visitors for assessments

- Investigate security breaches

- Should have handled audit and compliance.

- Should be comfortable to travel across locations for audit and compliance.

- Should have adequate understanding of risk management

- Should have appropriate knowledge on networks, servers, databases

- Should have some security certifications such as CISA, CISSP, CISM, CRISC etc

For ISO 27001 Role: 1056904

- Supporting migration to the new ISO 27001 standard

- Conducting gap assessments for the new standard migration

- Working for corporate functions to plan out the audit schedule and charter

- Managing External ISO 27001 audit and coordination with auditors

- Coordinating with all internal stakeholders towards preparation of ISO 27001 certification

- Developing and reviewing Metrics for ISO 27001

- Planning assessments for any scope expansions of ISO 27001 audits

- Working with global offices and teams towards awareness of ISO 27001 standards and requirements

- Should hold certifications such as ISO 27001 LA, ISO 27001 LI, CISA, CISSP