We Have an Urgent Opening for - Regulatory compliance and audits (Consultant)
Job location - Gurgaon
CTC - Up to 20 lac
JOB DESCRIPTION & KEY RESPONSIBILITIES:
- Responsible for implementation, operation, and maintenance of the Information Security Management System based on the ISO/IEC 27000 series standards, including, where applicable, certification against ISO/IEC 27001
- Mapping the various compliance requirements and conducting gap assessment vis-à-vis implementation posture and ensuring their closure with respective process SPOC
- Responsible for related compliance monitoring and improvement activities to ensure compliance both with internal security policies and applicable laws and regulations
- Creating and updating Policies, Procedures, Guidelines and checklists pertaining to ISMS and Regulatory requirements, evaluating the efficiency of controls and improving them continuously
- Performing Information Security Risk Assessment with respective SPOC and preparing Risk Register and
KNOWLEDGE, SKILLS & EXPERIENCES:
- The candidate must have an in-depth understanding of Information Security Management and Governance Frameworks, strong knowledge of Cyber Security best practices and protocols and IT risk management.
Specific skills & experience should include:
- Information Security Management practices and protocols, including in-depth knowledge of ISO 27001, NIST and ISO 31000
- A strong understanding of IT risk and resilience, Business Process improvement methods as well as risk related control frameworks and practices (COSO, ISO 31000, COBIT etc.)
- Strong knowledge of IT and Operations Audit methodology
- Solid understanding of the Operational Risk Management methodology and related requirements.
- 4 to 5 years breadth of exposure to Information Technology environment and/or various LOB environments within the financial domain
- Reasonable depth of exposure/understanding of regulatory compliance such as RBI, NHB, SEBI circulars
- Must be able to formulate Business Continuity Plan and carry out the Business Impact Analysis
- Excellent team skills, both as a leader and as a team player
- Excellent communication skills, especially related to facilitation, documentation and reporting
Expected: Industry certification in one or more of the following: CISA, CISSP, ISO 27001 Lead Auditor