Associate - IT Compliance - Cybersecurity - BFS

About Us

Founded in 2006, TresVista has been the leading provider of high-end outsourced support for asset managers, entrepreneurs & corporates for over a decade. TresVistas support functions include business plan development, all aspects of fund administration, portfolio management, valuation & research and deal sourcing & execution. With offices in Bengaluru, Mumbai, Pune & Singapore, managing over $10 trillion in AUM, across geographies & asset classes and over 1,000 clients, TresVista delivers cost & operational efficiencies with dedicated teams across functions

The Role & Responsibilities

- Understanding the business and IT infrastructure including applications and servers through interactions and walkthroughs

- Collecting information and reviewing information systems policies, standards and procedures to verify that they address the organization's internal and external requirements and to identify information systems control deficiencies

- Understanding the various processes in place at the organization, such as RIS, IT, HR, FMS, Software Development, strategy and their integration with one another

- Performing a root cause analysis of the various risks identified and development of solutions to mitigate the risks and the flow of data and information and performing a threat and risk analysis of each process

- Facilitating external IT audits (ISO 27001 and SOC 2) corporate-wide examinations

- Facilitating external VAPT audits, phishing drills, client audits

- Responding to client due diligence questionnaires around IT Security

- Assisting with development and implementation of corporate compliance procedures and controls

- Performing special compliance and audit related projects as assigned

- Managing and measuring the IT Security Framework and developing and maintaining a technology risk assessment program for business applications and processes

- Conducting internal VAPT audits and share the reports with the management

- Keeping the department updated with the latest technological changes and cybersecurity advancements

- Designing and producing metrics showing operational compliance with best practices

- Planning, supervising, and conducting testing to confirm continuous efficiency and effectiveness of information system controls

- Reviewing of Business Impact Analysis, Risk Assessment, Current State Network assessment and Recovery Strategy Analysis

- Providing recommendations to the Top Management based on industry best practices to optimize IT processes and achieve business goals

Prerequisites

- Sound understanding of auditing/compliance

- Strong eye for detail

- Good command over written and spoken English

- Ability to meet deadlines and good time management skills

- Ability to work well under pressure with tight deadlines while delivering high quality and output

- Should be able to manage a team effectively as well as contribute individually to projects

- Knowledge of Personally Identifiable Information (PII) data security standards

Growth Opportunity

- Steep learning curve and a clearly defined career path

- Subsequent promotion to AVP/VP accompanied by significant increase in responsibility and compensation

- Potentially, based on performance, be a part of the International compliance consulting team

Qualification

- Graduation/Post Graduation (B.E/ B.Tech, M.E/M.Tech, M.Sc IT)

- CEH V9 or other equivalent Ethical Hacker degree is preferable

- One or more of the following information security certifications or advanced degree in information security/cybersecurity: CISSP/OSCP/CISM/CRISC/CISA/HISP or equivalent

Experience

4-6 years of experience in Security Compliance/IT Audit/System review role

Compensation

The compensation structure will be as per industry standards