- Functional experience in the domain of Governance, Enterprise Risk Management and Regulatory Compliance.
- Experience in regulatory compliance, such as the Sarbanes-Oxley Act (SOX), General Data Protection Regulation (GDPR), NSA Compliance, etc.
- A solid understanding of IT control frameworks and IT general controls
- Working knowledge of the overall risk management process, that is, conducting/participating in internal/external risk assessments and the remediation process.
- Must have experience of conducting risk, compliance & audit programs
- Experience in managing large scale information security projects
- Experience across multiple Information Security domains, i.e. IT Regulatory/Policy Compliance, IS Governance, Risk Management, IT Infrastructure Security
- Good technical awareness of Information Security & IT network/infrastructure components
- Open to learning and working on new domains and technology
- Open to travelling onsite for long-term as well as short-term assignments.
- Good written and spoken communication skills
- Perform independent assessments & recommend mitigation strategies for clients' Governance, Risk & Compliance environments like SOX, GDPR, NSA Compliance etc.
- Participates in process and control documentation pertaining to controls implementation.
- Participates in regulatory audits (process and IT) and management reporting.
- Facilitates IT governance implementation. Drives/assists closure of audit non-conformities
- Research and development in best practices around core business processes and IT security.
- Develop service offerings for various industry regulatory and compliance requirements.
- Development and implementation of operational and enterprise risk frameworks.
- Liaise with client counterparts for compliance reporting & continually enhance the risk & compliance framework implemented for the project.
- Drive & participate in different Risk, Compliance & Audit programs and support all external/internal compliance assessments
- Monitor compliance with various contractual IT security requirements, customer policies/procedures
- Ensure relevant data privacy controls are deployed and GDPR requirements are monitored
- Point of contact for reporting & investigation of any relevant data breach
- Perform assessments to ensure that data privacy requirements are met
- Perform Delivery Center Assessments and submit reports with mitigation/management response
- B.E./B.Tech
- CISA/CISM/CISSP certification, ISO 27001 (Lead Auditor) preferred
- Candidate should be flexible to work in a 24-7 work environment or EU time zones