IT Audit - Risk & Compliance (Sr. Analyst)
The Role:
- Act in an advisory/consultant role as a focal point for security compliance activities and responsibilities, including implementing and propagating ISO 27001 standards within the organization
- Have relevant knowledge of information security and IT risk assessment
Responsibilities:
- Responsible & accountable for ensuring appropriate information security controls are in place for organizational assets.
- Should have strong IT audit experience
- Review and analyze reports and results of audits, gap analyses and security testing, and assist stakeholders in identifying practical solutions for any gaps, issues and vulnerabilities identified.
- Create and suggest measures to improve information security processes and procedures.
- Coordinate with external vendors to ensure audits/assessments are completed on time and meet a high quality standard.
- Liaise with relevant teams and external vendors to manage security and regulatory requirements
- Provide expert guidance on Cyber security related matters
- Be able to apply cyber security experience and knowledge with creative and innovative thinking in a broad range of complex and non-routine contexts
- The role will perform various coordinating tasks, like schedule and follow-up, along with administrative duties, like maintaining project documentation and handling project management office coordination and updates.
- Collaborate with IT, Business areas and the internal Information Security teams to deliver within deadlines.
- Act as a single point of contact for all information security programs and projects
- Provide daily, weekly and monthly status updates
- Prepare Status Plans and dashboards for key initiatives, plans and audit tracking as per management requirements
- Negotiate and act as an intermediary with Internal Audit and internal teams to close current and future audit items
- Solid organizational skills, including multitasking and time-management
- Project management experience will be an added advantage
Skills:
- Desirable: 4 to 6 years of relevant information security experience in any organization; security consultancy background covering design, risk, compliance, governance, data protection, identity and access management, network security and application security
- Excellent communication, organization, time management and problem-solving skills
- Exceptional track record of building relationships with stakeholders
- Strong multi-tasking skills with the ability to manage multiple projects
- Proven team management skills and proactive mindset
- Ability to function as a Team Player and maintain a good working relationship, yet think and act independently with professionalism, discretion and confidentiality
- Attention to detail and willingness to flex based on business priorities
- Project Management skills will be an added advantage
Experience: 4-7 years
Qualifications:
- Qualifications (Desirable): Bachelor's (BA/BS) degree in Computer Science, Information Security, Information Technology or equivalent experience
- Professional Certifications (Desirable): ISO 27001 Lead Auditor/Implementer
- Previous experience in information security is an added advantage
- Strong understanding of security risk management frameworks such as ISO 27001/27002, GDPR, data privacy, business continuity