Manager - Governance Risk & Compliance - CISA/CISM/CISSP - IT

- Functional experience in domain of Governance, Enterprise Risk Management and Regulatory Compliance.

- Experience in regulatory compliance like, Sarbanes-Oxley Act (SOX), General Data Protection Regulation (GDPR), NSA Compliance etc.

- A solid understanding of IT control frameworks and IT general controls

- Working knowledge of overall risk management process that is conducting/participating on internal/external risk assessments and remediation process.

- Must have experience of conducting risk, compliance & audit programs

- Experience in managing large scale information security projects

- Experience across multiple Information Security domain i.e. IT Regulatory/policy Compliance, IS Governance, Risk Management, IT Infrastructure Security

- Have good technical awareness on Information security & IT network/infrastructure components

- Open to learning and working on new domains and technology

- Open to travel onsite for long term as well as short term.

- Good written and spoken communications skills

- Performing independent Assessment & recommend mitigation strategies on client's Governance Risk & compliance environments like SOX, GDPR, NSA Compliance etc.

- Participates in process and control documentation pertaining to controls implementation.

- Participates in regulatory audits (process and IT) and management reporting.

- Facilitates IT governance implementation. Drive/assist closure of audit non-conformities

- Research and Development in best practices around core business processes, IT security.

- Develop service offerings for various industry regulatory and compliance requirements.

- Development and implementation of operational and enterprise risk frameworks.

- Liaise on with Client counterparts for compliance reporting & continually enhancing the risk & compliance framework implemented for the project.

- Drive & participate in different Risk, Compliance & Audit program and support all external/internal compliance assessment

- Monitor compliance with various contractual IT security requirements, customer policies/procedures

- Ensure relevant data privacy controls were deployed and GDPR requirements are monitored

- Point of contact for reporting & investigation of any relevant data breach

- Perform assessment to ensure that data privacy requirements were met

- Perform Delivery Center Assessment and submit report with mitigation/management response

- B.E./B.Tech

- CISA/ CISM/CISSP certification, ISO 27001 (Lead Auditor) preferred

- Candidate should be flexible to work in 24-7 work environment or EU time zones