Roles and Responsibilities:
- Working with the GRC Director on various governance, risk and compliance activities to ensure strategic alignment of information security in support of business objectives
- Develop, document and maintain enterprise-wide governance materials including policies, procedures, standards and guidelines
- Ensuring compliance with various standards like ISO 27001, 22301, SOC 2 and other applicable regulations
- Preparing and maintaining documentation for ISO 27001, 22301, SOC 2 and other certification activities
- Maintain and report on the organization's governance, compliance and risk management metrics
- Assist in IS Risk Assessment activities such as, but not limited to:
  - Identify and analyze risks through suitable and recommended methods
  - Preparation of risk registers and risk treatment plans
- Preparation of presentations and decks to be presented to the top management
- Facilitate and support internal and external audits
Requirements:
- Bachelor's or Master's degree in IT or any other related degrees
- 2-4 years of experience in Information Security
- Preferably worked in a Big 4 or consulting environment
- Up-to-date knowledge of information security, ISO 27001, Risk Management/Assessment, BCP, etc.
- Has previously worked on at least 3 of the following areas/projects: ISO 27001, ISO 22301, IS/vendor audits, SOC 2 projects, NIST, drafting IS policies and procedures, or other governance-related projects
- Strong analytical and communication skills
- Ability to manage multiple simultaneous tasks and priorities with tight deadlines, excellent time management skills and ability to work independently
- Competency in Excel, Word and PPT
- Industry certifications covering IS are an added advantage: CISA, ISO 27001:2013 LA or LI, ISO 22301