Information Security Risk Management and Compliance (GRC)

Details : JD for Consultant (Information Security Risk & Compliance) POSITION Information Security Risk Management and Compliance (GRC) EXPERIENCE 4-5 Years KEY RESPONSIBILITIES & JOB DESCRIPTION

• Review of policy and procedure with implementation across organization
• In depth knowledge of risk management with good knowledge of handling external and internal risks
• Work with cyber risk quantification and integrate with existing risk management process
• Should be able to quantify risks and define criticality.
• Work with the internal teams to build on an existing information security program and ongoing security projects that address information security risks and compliance requirements.
• Monitor and report on compliance with security policies, as well as the enforcement of policies.
• Ensuring operational compliances with regulations such as ISO 27001, ISO 22301, PCI-DSS, Data Privacy etc.
• Identifying risk and compliance posture of the client environment by reviewing reports such as: Vulnerability & Penetration testing, Patch Mgmt. Application Security. Cloud Security etc.
• Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
• Execute information security assessment, business continuity assessment, risk assessments pertaining to Airtel environment.
• Execute technical risk assessments around applications, control testing etc.
• Ensure security by design
• Ensuring operational compliances with data privacy regulations like GDPR and guiding the delivery managers on privacy by design and security by design principles

SKILLS

• Minimum 5 Years in Information security risk management and compliance role
• Expertise in delivery of risk and compliance advisory services
• Excellent technical capabilities around information security, business continuity and technology risk assessments
• Good compliance understanding of industry domains such as ISO 27001, ISO 22301, GDPR etc.
• Excellent written and verbal communications skills

QUALIFICATIONS B.E/B.Tech with MBA preferred. 

Mandatory Industry Certifications:

• CISA/CISM/CISSP
• ISO 27001 & ISO 22301 Implementer, Lead Auditor

WORK LOCATION Gurugram

Read Full Description