Accountabilities
- Act as the functional specialist for IT Information Risk Management (IRM)
- Proactively review 's information security and related risks with respect to threats and vulnerabilities, and legal and regulatory compliance
- Translate technical, legal and regulatory compliance obligations into a cohesive collection of Security Controls and provide the respective stakeholders with the IRM requirements and their implementation methodologies.
- Facilitate smooth conduct of Risk Assessment on Applications, Network & Systems, and Legal & Regulatory.
- Coordinate the conduct of VAPT (Vulnerability Assessment and Penetration Test), review VAPT results and recommend the risks to be remediated.
- Work with Project Managers, Business Analysts, Architecture and Support Team to ensure IRM standards are being followed.
- Incorporate Security in the Software Development Life Cycle.
- Support the "Prevent" and "Validate" staff and IRM COB in education and awareness of information security related issues and risks, and influence the behaviours of IT and Business staff as part of mitigating these risks.
- Support in development of tooling to support IRM processes and ensuring this is fit for purpose.
- Actively participate in reviewing and improving the Information Security Controls implemented in the organization.
- Actively participate in the Assurance and Architecture level discussions in the engagements.
- Actively participate in IRM team and community meetings, representing IRM and Business interests in setting and applying standards and policies for the Group and the businesses, leading to a fit for purpose, evergreen IRM framework.
- Support maintenance and development of the IRM related Control Framework and related processes and procedures
- Ensure that IRM continues to focus on risks significant to the Business, with emphasis on innovation.
- Contribute to the quarterly Risk Management updates for IT and information management (IM) risks in IRM.
- Ensure a successful response to the Information Management, Health & Safety and Guided Business Principles dossiers.
- Serve as IRM functional expert for Business.
Qualifications
- A qualification in CISSP, CISA, CRISC or CISM
Experience
- Must have previous experience in an (Information) Risk Management role and/or PCI implementation or assessment role.
The notice period is 20 to 25 days maximum.
It is a Contract to hire position.
Nitin
Url: www.dynproindia.com