Roles and Responsibilities
Experience: 0 to 3 Yrs
Notice Period: Looking for immediate joiners or candidates who can join within 15 days.
Qualifications & Skills:
- Helping to manage the development and implementation of security policies, standards, guidelines and procedures to ensure the ongoing improvement and maintenance of security posture in line with ISO 27001, SOC 1 & SOC 2, TPRM and GDPR standards & regulations.
- 0 to 3 years as a Subject Matter Expert (SME), working with industry frameworks including Third Party Risk Management.
- Risk Management experience, such as:
  - Risk calculation
  - Risk acceptance
  - Supply chain / third party risk management
- Good understanding of compliance requirements such as PCI, GDPR, SOX and CCPA
- Good reporting skills
- Develop and maintain assessment checklist and documents. Conduct comprehensive risk assessment and prepare impeccable reports.
- Knowledge of Risk Management Principles (risk avoidance, transfer, mitigation, acceptance) and the Risk Assessment process. Knowledge of information security risk management and IT controls frameworks and methodologies (e.g. ISO/IEC 27005, COBIT).
- Perform information security risk assessments and risk management activities across the organization.
- Perform SOC 1 and SOC 2 (System and Organization Controls) assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants).
- Establish and maintain risk criteria, identify, analyze, and evaluate information security risks. Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities and risks.
- Good knowledge of creating reports within the scope of Risk Assessments
Desired Candidate Profile
Perks and Benefits