Job Description
Role: GRC
Experience: 3 to 8 years
Location: MUmbai/Bangalore
Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001, PCI DSSv4.0)
Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management.
Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities.
Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes.
Should be able to understand and explain technical vulnerabilities
Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security
Should have Knowledge on information security incident management.
Specific Duties and Responsibilities Include:
Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced
Conduct audits to verify the compliance to organizations security standards
Assist in Business Continuity Planning and Implementation.
Metrics collection & reporting
Provide Advisory support for Implementation of PCI DSS.
Perform PCI DSS QSA and QA audits and write Reports.
Must Have Skills
Excellent communication and presentation skills.
Able to effectively interact with various functions.
Good to have Skills / Certification
Minimum: ISO27001:2013 Lead Auditor course, PCI DSS Implementor and PCI DSS Auditor
Good to have: CISSP, CISA, CISM, ISO22301
QualificationBE/ BTech, MCA, MBA with specialization in Information Security
Let s grow together.
Job Classification
Industry: IT Services & Consulting
Functional Area / Department: IT & Information Security
Role Category: IT Security
Role: Manager Information Security
Employement Type: Full time
Contact Details:
Company: Atos
Location(s): Kolkata
Keyskills:
Cisa
Coding
Information security
Consulting
Disaster recovery
ISO 27001
Active directory
Incident management
Gap analysis
SCCM
