Governance Risk Compliance Analyst (onsite)

scription: -

· Security Compliance

· Required to have excellent understanding of the IT Control framework, in particular risk assessment and control selection

· Working experience in any two of the compliance programs (PCI DSS,HIPPA,ISO 27001,SOC2, SOX,NIST,FISMA,COBIT)

· Understand the client requirements and ensure the implementation and effectiveness of the required controls.

· Lead teams and efforts to ensure effective execution of periodic risk assessments and drive integration of remediation efforts with the risk management process

· Partner with service delivery leadership to both communicate and manage risk in delivery to an acceptable level

· Partner with delivery team to increase the level of awareness of compliance with policy and process

· Lead and perform activities to help measure and monitor compliance with contractual security requirements, company policies and procedures to ensure the account is compliant and audit ready

· Lead different compliance & audit testing programs and support successful completion of various external compliance certification programs and internal compliance assessments

· Proven ability to lead small teams dedicated to the performance of risk management and assessment responsibilities.

· Ability to provide effective management of junior employees.
Develops and provides appropriate guidance on solutions to mitigate risks and enhance system security

· Coordinate with other representatives to build out world class compliance program components to include processes, procedures, and technologies.

· Deep understanding of privacy and business continuity requirements and support R&C Privacy and BCM teams in execution of their respective program

· Demonstrates ability to work in virtual team with help of tools and technologies

· Demonstrates ability to handle conflicting situation & should have strong verbal, written communication & analytical skills

· Must have systematic and pragmatic approach to problem solving

· Demonstrates good inter-personal skills, high standards of professional behavior in dealings with business customers, colleagues, and staff

· Have a good technical awareness and the aptitude to remain up to date with information security and IT developments

· Ability to communicate Risk to non IT business owners and support function such as HR, GWS,Physical Security, Legal, Contracting and others

· Ability to communicate risk at all levels of management up to and including C-Level executives.
Translate business, industry, and regulatory requirements into information security objectives and associated tactical/strategic information security initiatives

· Certification such as CISA/CISSP/CISM /CRISC/ CGEIT/ISO27001 or any other security related certifications are preferred.

Primary Skill:

· Understanding of Information Security and standards such as ISO27001, NIST, CIS etc. / Knowledge of regulatory compliance such as SOX, PCI etc.

· Knowledge of Risk Management and Control Auditing principles/ Knowledge of Data Privacy requirements / Technical knowledge of security principles around Network Security, Perimeter Security, Data Security, End User System security etc.

· Technical knowledge on Cloud Security, Threat analysis, VA/PT etc.

· Excellent communication skills (verbal and written) / Understanding of general IT Control framework / BCM Concepts

Secondary Skill:

· Analytical skills / Strategic Thinking / Ability to build relationship / Adaptable to new concerns and changing environments etc.

Required Experience: Minimum of 5-10 years of relevant experience in Information Risk Management/Information Security or auditing.

Job Type: Contract

Salary: From $50.00 per hour

Schedule:

• 8 hour shift

License/Certification:

• CISSP (Preferred)
• Certified Information Systems Auditor (Preferred)

Work Location: On the road

Speak with the employer
91 727 216 7642