Proprietor at Info Corporate Service
Senior Consultant - IT Governance/Risk Management/Compliance - IT Firm (7-12 yrs)
We are looking for a Senior GRC Consultant in Navi Mumbai.
Mandatory Skills :
PCI-DSS, ISO 27001, NIST CSF, COBIT, Risk Management Methodology, GRC, Security Management, CISSP, CISA, CISM, ISO 27001 Auditor
Job Description :
Job Function : Managing GRC Projects
Roles & Responsibilities :
- Conducting Information Security Governance, Risk & Compliance (GRC) consulting projects for customers across the globe using various standards (PCI-DSS, ISO 27001, NIST CSF, COBIT, etc.).
- Defining the risk management methodology supported by a threat-vulnerability assessment in collaboration with key stakeholders within the organization.
- Defining, documenting, implementing and refining information security management frameworks within client organizations. The documentation may include information security strategy, IS policies, procedures, standards, guidelines, SOPs, forms, templates, etc.
- Conducting comprehensive risk assessments in close coordination with internal and external stakeholders.
- Assisting in implementation/maintenance of information security policies and procedures in compliance with governance, legal, contractual or internal requirements.
- Liaise with and provide expert guidance to customer Information Security and other departments.
- Conduct Security Risk assessments to enable stakeholders to make risk decisions in an informed and considerate manner keeping business objectives as paramount.
- Review the security aspects of business cases, IT application / infrastructure changes, IT & IS project proposals, requirements, solution designs & system architectures.
- Create and promote security awareness campaigns. Conducting Information Security awareness programs with the objective of increasing the information security awareness of staff and management on the latest information security threats and vulnerabilities through innovative ideas and initiatives.
- Managing the assigned team, project management & delivery management.
- Training the internal team on GRC & Risk Assessment.
- Meeting prospective customers in presales meetings and/or for specialized GRC and risk management consulting services.
- Monitor and review Information Security compliance.
- Coordinate with customer IT project management department, vendors and consultants to build an effective security program.
- Lead Information Security Annual Planning, Information Security Architecture and IS Governance reviews for customer organization.
Desired Skills :
- Any one relevant professional certification such as CISSP, CISA, CISM, ITIL, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, etc. is mandatory.
- Desirable to have working knowledge of Vulnerability Assessment, Network Penetration Testing & Application Security Testing.
- Ability to operate in an autonomous fashion but also be involved in teamwork.
Required Qualification :
- A Bachelor's or a Master's degree in IT, ECE or Computer Sciences.
Job Insights :
- Candidate should be willing to travel within and outside India.
- Prefer Male Candidates.
- Prefer Candidates with Notice period of maximum 60 days.
- Candidate should have worked at least 5-6 years in the GRC sector.
Recruitment Stages : 1) Technical Round (Telecon/Skype) 2) Technical Round (Telecon/Skype) 3) F2F/Skype with the hiring manager (Bangalore office)
Office Days : Monday to Friday (alternate Saturdays are working)
Office Location : Belapur Navi Mumbai