Job Description
Position Title:
Sr. Manager / Manager - Information Security Audits
Reporting to: Assistant Vice President/Vice President
Location: Mumbai
Job Description:
- Provide professional audit work, individually or as part of a team, in conducting reviews of assigned organizational activities in accordance with Standards for the Professional Practice of Internal Audit and department standards.
- Plans and executes corporate information technology (IT) audit projects designed to provide assessment of internal control processes and operational performance, in accordance with department and professional standards.
- Conduct Information security system audit/Vulnerability assessments to identify threats and vulnerabilities in the infrastructure and analyse their significance appropriately.
- Experience in managing end-to-end activities for certifications/attestations to various standards such as ISO 27001, SSAE 16, PCI-DSS.
- Knowledge and experience in the areas of ethical hacking, penetration testing, cloud security, and application security testing.
- Use knowledge of the current IT environment and industry IT trends to identify potential issues and risks.
- Participates in reviews of internal controls and security of systems under development as well as major IT projects and initiatives.
- Reviews all system-related information security plans throughout the organization's network to ensure alignment between security and privacy practices, and acts as a liaison to the information systems department.
- Maintains current knowledge of applicable federal and state privacy laws and accreditation standards, and monitors advancements in information privacy technologies to ensure organizational adaptation and compliance.
- Facilitate the development, implementation, communication and enforcement of privacy policies throughout the system
- Support conformity with the privacy and security policies and procedures as part of the performance evaluation process for all employees and the privileging process for credentialed providers.
Skill Set :
Technical Skills :
- Experience in end-to-end implementation of at least two regulations/standards (HIPAA, PCI-DSS, ISO 27001 etc.)
- Experience in review/audit or implementation of network security architecture
- Good knowledge of MS Office tools
- Knowledge of firewalls/switches/routers/IPS
Process Specific Skills :
- Good logical reasoning and reasonable analytical skills
- Well versed in internal auditing and monitoring methodology
- Reasonable understanding of data security regulations/standards (HIPAA, privacy laws, TCPA, PCI-DSS), US laws and cyber laws
Soft Skills :
- Assertive and result oriented professional
- Should have confidence and convincing skills
- Team player with potential to demonstrate team leadership skills
Education :
- Primary (mandatory) - Bachelor in IT/Engineering/Technology/Lead Auditor ISO 27001/CISA
- Secondary (desired) - CISSP/CPISI/CEH/CCNA
Experience :
- 6-8 years post-qualification consulting/auditing experience in Information security/Data Privacy Regulations and Standards related assignments
- At least 2-3 years of relevant experience in BPO/ITES industry
- Experience in managing SOC1/SSAE 16 assessments
Contact Details :
Contact person: Jasleen