Security Risk Assurance (For a large GCC Client)

Location: Bangalore/ Pune

Roles & Responsibilities:

Manage the delivery of several assurance activities including the Security Assurance Framework (SAF) which is aligned with ISO 27001/2 and the Minimum Technical Security Baseline (MTSBv2) aligned to CIS compliance benchmarks. Also managing ISO 27001 external audits in an effective, timely, consistent, and professional manner.

• Deliver Information Security Assurance audits using a Control/Risk Assessment methodology based on ISO27001 standards.

• Coordinate a team of IS Security Analyst to cover efficiently an IT domain.

• Deliver effective teamwork, communication, collaboration and commitment to deliver services.

Experience, Skills & Certifications:

• Previous business and or IT security and risk experience. (Minimum 4+ Years)

• In depth experience of Security domains would be beneficial.

• ISO27001/2 knowledge and experience essential; Understanding of NIST framework desirable.

• Knowledge and understanding of CIS benchmarks desirable.

• In depth knowledge of one or more sets of business processes, applications or key technologies (e.g. Networks, desktop and mid-range infrastructure, communication technologies) in use within the Company.

• Excellent understanding of systems life cycles and project management.

• Ability to assimilate information quickly, clearly identify key issues and present information concisely.

• Ability to develop and maintain a wide network of contacts across the business.

• Relevant professional qualifications e.g., CISSP, CISM, ISO27001 Lead Implementer/Auditor desirable.

• Proactively anticipate customer issues / concerns for timely resolution-Maintain Zero Surprise'Framework.

• Excellent communications skills, guide others on executing commands on systems and be able to report write in English.

• Be able to explain what was tested and the rationale for the test, relating back to the control objectives.

• Experience in technical Information Security and conducting technical risk assessments

• Operate adequately comfortably at management level

• Strong facilitation, negotiation and conflict resolution skills

• Proficient risk assessment, interpretation and analytical skills

• Strong networking skills

• Team player