Roles & Responsibilities
• Participate in information Security Risk Management initiatives
• Develop and execution of end to end third-party risk management program across enterprises
• Execution of IT Compliance Program for Information & Cyber Security Requirements (e.g. regulatory, ISO27001 standards, IT Act, UIDAI, CERT-In).
• Handle/ assist internal and external IT/ regulatory/ compliance Audits.
• IT compliance assurance to related parties and supporting functions.
• Execution of security testing program and achieve compliance.
• Drive and execute Information Security awareness related activities.
• Drive Information Security projects/ implementation & tracking its activities.
• Develop and Maintain Information Security Policies, Processes and standards/guidelines to address all applicable regulatory and ISO requirements.
Skills & Competencies
• Should have executed third party risk management program for enterprise.
• Should have experience in management of VA/PT program.
• Should have experience in deployment of various tools like DLP, Compliance tracker.
• Should have experience in implementing of ISO27001 for enterprise.
• Should be strong in driving compliance activities along with technical skills.
• Articulate & good verbal & written communication skills.
• Capability to drive activities with minimal guidance.
Certifications like CISA, ISO27001 Lead Implementer or Lead Auditor
Experience – 5yrs – 9yrs