Responsibilities :
Facilitate Implementation of all the contractual requirements within the engagement Support client for conducting audits at different locations Facilitate closure of audit findings received during client conducted spot checks Report to ISG and delivery management about any Cyber security issues and keep them periodically informed about engagement's compliance posture Handle various standard, regulatory and compliance requirements such as ISO27001, SSAE16 SOC 1, SOC 2, PCI DSS, HIPAA etc. Support for responding to RFPs and RFIs, review
Additional Responsibilities:
The candidate shall have at least 4-6 years experience in Information Security Governance, risk and compliance management with strong information and network security concepts. The candidate shall have good experience in the areas of Risk Management, Governance, Compliance, Security policy and Metrics. The candidate should possess good technical, analytical, troubleshooting and problem solving skills. The candidate is expected to work as an individual contributor with minimum support from manager and shall have excellent communication and collaboration skills. The candidate shall possess good understanding of ISO 27001:2013, SSAE 16 SOC 1 & SOC 2, PCI DSS, HIPAA & other industry recommended standards and regulations. The candidate shall have strong technical understanding of Information Security
Technical and Professional Requirements:
Implement the control framework by working with all relevant stakeholders Manage information security risk assessment Drive process improvements in the area of information security Provide SME support in handling client reported incidents and ensure closure of the raised incidents Communicate information security incidents to client within stipulated time frame and track closure of all reported incidents Get approvals for BAU activities such as Vulnerability scans, installationextensions, Change Requests, admin rights, additional software requirements, floor visits, and all security exceptions
