Partner at InnoQuest Consulting
Manager - Information Security - BPO (8-12 yrs)
InnoQuest Consulting comprises a core team of seasoned Talent Acquisition professionals with experience across diverse industries, ranging from IT, ITeS, Banking & Financial Services and Telecom, with the team's core expertise in Mid/Senior Management & Leadership hiring.
About our client :
Our client is a leading business process and software services provider serving multiple industries with key focus on the financial services industry.
Min. Qualification : Post Graduate in Technology / Science; Bachelor in Technology / Science with MBA or relevant professional certification
Skills and Behavioural traits
- Hands-on experience of auditing ISO/IEC 27001:2005, ISO 31000, PCI DSS, SSAE 16, GLBA, ITIL
- Clear understanding & knowledge of Information Security, IT security, Data Privacy, BCM & Risk Based Audits
- Experience of project management
- Knowledge of ISO 31000 & COBIT
- Presentation skills
- Decision making capability
- Team management
- Analytic capability
- Time management
- Effective prioritization
Essential duties and responsibilities include the following: (other duties may be assigned)
- Managing a team of information security & risk auditors and grooming them in the domain
- End-to-end security, technical, data privacy & risk-based audit lifecycle management and producing quality reports on time with recommendations
- Interacting with Functional Management & Internal Client to moderate the activities of the security & risk audit
- Control efficiency auditing and compliance assurance
- Maintaining the GRC Framework including client controls
- Document review, gap assessment and document updating
- Identifying ineffective security controls and reporting them to the Head ESRG along with an efficient and cost-effective control plan
- Evaluating the asset-based risk assessment document and conducting the risk assessment workshop
- Maintaining the audit control checklist
- Conducting audits in line with the ISO, PCI, SSAE 16 and DPA frameworks to assure control adherence and improvement
- Interacting with functional management & internal client to coordinate the activities of the audits
- Serving as an internal information security consultant to the organization
- Documenting/reviewing security policies and procedures as per the instructions of the ESRG Head
- Creating information security awareness within the organization
- Identifying new risks to the organization and recommending controls
- Conducting in-house workshops
- Presenting weekly & monthly status reports along with a dashboard to the Head ESRG