Measures of Success (Define the Outcomes expected of the role)
- Successful development and contribution to the vendor risk security programme
- Promote commitment, trust and engagement between them and their workforce
- Manage internal stakeholders to achieve high level performance whilst ensuring their personal wellbeing.
- Increase in maturity of vendor risk Programs (Adoption & Capabilities).
- Delivery of project plans, milestone updates, presentations, assessment reports and communications to senior management and other relevant stakeholders.
Skill Sets Required
- Knowledge in multiple information security technologies and their strengths and shortcomings.
- Proven experience with securing information for various technical solutions.
- Monitor marketplace trends and experiences on security, audit and control issues.
- Knowledge of common assessment control techniques.
- Knowledge of analytic techniques and methods.
- Understand security controls from a people, process and technology perspective.
- Understanding of security architectural principles and standards.
- Experience in system security, network security and information security, covering areas of ISMS Management / PCI DSS, Technology risk and compliance, BCP & DR planning, Implementation and compliance, IT and IS audits, BCP audits, Security operations assessment and Cloud security.
- Should be familiar with standard security processes and guidelines.
- Should be familiar with PCI and PA DSS.
- Ability to interact and work with various senior stakeholders. Manage congruent relationships among different teams.
- Excellent written & verbal communication & presentation skills.
- PCI DSS, PA DSS, ISO27001 & audit experience. Strong ability to devise, drive and implement standard processes and best practices (both from security and risk perspective) for all the suppliers.
- Ability to lead, collaborate, challenge and influence peers. Passion for project based execution and process improvement.
- Excellent documentation, communication, presentation, interpersonal and leadership skills.
Must-Have Qualifications
- A Bachelor's degree or advanced course in Computer Science or Information Security related areas
- Post-Graduation (Preferred) - MBA or Master's in a related field
- Industry-standard certifications such as CISA, CISM, ISO27001 LA, CEH, CCNA, CISSP, MCP etc. as preferred.
- Experience managing service providers/supplier relationships (Required)
- Should have strong knowledge of risk assessment frameworks such as NIST CSF & 800-53, ISO27001, SOC, PCI, GDPR, etc.
Relevant Experience with respect to the role
- 6+ years overall in information security, IT auditing & IT / vendor risk management processes.