We are looking for Information Security & Compliance officers to support one of our banking clients. The individual must be strong in compliance-related activities and should meet the skills and competencies below:
What You Will Do
Be SME for all applicable regulations, guidelines and industry best practices to manage risk and ensure compliance.
Be the single point of contact for all external entities related to Security and Compliance communications.
Owner for all security documentation such as policies, standards, and procedures.
Owner for driving security controls across all organization functions.
Build a continuous assessment practice that is a superset of all required regulatory compliance.
Manage and support the Information Security Risk Management life cycle for the organization.
Provide adequate security and compliance against specific standards such as NIST 800-53, NIST 800-171, ISO 27001, SOX, PCI, HIPAA and other regulatory requirements.
Identify and formally document deviations from published standards, estimate risk level, and recommend appropriate mitigation countermeasures in operational and non-operational situations.
Identify potential areas of IT compliance vulnerability and risk; guide the accountable stakeholders to develop/implement corrective action plans for resolution, and provide general guidance on how to avoid or deal with similar situations in the future. Risks should be identified, assessed and monitored on an ongoing firm-wide and individual entity basis.
Experience Range
4-8 years of experience in Cybersecurity & Risk Compliance Domain in areas including and limited to: System Security, Network Security, SOC, Risk & Compliance Management
Technical Expertise
Auditing experience in ISO-27001, SOX, NIST, PCI-DSS
Experience with AWS Security and Compliance.
Prior experience in the Banking and Financial domain is nice to have.
Proven experience in Endpoint Security, Network Security, SIEM, SOC
Advanced security tools – SOAR platform, Vulnerability Management, SIEM
Experience building Threat Modeling practice
Strong communication skills
Skills: Network Security, System security, Risk Management, Compliance, Security Information and Event Management (SIEM), Amazon Web Services (AWS), Cyber Security and Security audit
Hello, I worked in the banking field for more than 25 years, covering security for 15 years. I am certified (CISSP - CISA - CEH - eCPPT - IBM analyst i2 - SANS 504 & 503). I worked on developing many standards and I think I can help to get the job done successfully.
Hi,
I have 8+ years of experience in GRC and information security at an enterprise-level organization. I am certified with ISO27001, ISO 20000, CEH. I will be very happy to help you reach your goal.