Location : Pune / Singapore / Bangalore
Job description : This role works in close collaboration with all members of the GRC team and is fully integrated within the Information Security process.
Key Responsibility :
4-6 years of experience in design and implementation of GRC controls.
Reviewing Information security policies and procedures identify gaps, consolidating information security policies and procedures into group policy.
Should have good experience in performing risk assessments, creating and maintaining risk registers, liaising with risk officers and getting risk register updated with remediation steps.
Should have experience in performing IT General controls review/audits.
Should have good understanding of IT Risk management frameworks like COSO, COBIT, NIST 800 series, ISO 27001, ISO 31000
Should have good understanding of regulatory compliance requirements such as SOX, GDPR, PCI-DSS, FISMA, HIPAA, and HITRUST, RBI Cybersecurity requirements, IT Act 2000.
Should have good understanding of data protection & privacy laws in various countries like Singapore, Malaysia, Australia, Middle East, Europe, USA and India.
Should have implemented ServiceNow GRC solutions or similar like Archer, Metric stream, Logic manager, Oracle GRC, SAS GRC solutions.
Should have experience working and responding to RFI/RFP requirements for global customers, writing SOW, effort estimation.
Should have lead team size of 5-10 team members.
Should have excellent communication skills, team management skills, stake holder management skills.
Should be a go-getter and expert in speaking about GRC with top management executives.
Should be having any two of them CISSP, ISO 27001, CISA, CISM, CRISC, and CGEIT Certified professional.
Good to have SOX, GDPR, Privacy training and certifications
Send your updated resume to : email@example.com or visit our business page at www.rede-consulting.com