Job Description - Infosec Governance, Risk and Compliance ManagerPosition - Information Security Compliance SpecialistEmployment Type - Employee - Full TimeWork Location GuwahatiKey Responsibilities:1.Identify, measure & report Security Compliance performance against organisational internal and external security compliance requirements2. Conduct Cyber Security internal process and technical assessments and audits periodically against different policies and standards.3. Track and drive closure of finding and publish the compliance status dashboard for management review4. Provide support in compliance management and certification like ISO, SOC2, PCI-DSS, Cloud Security etc and periodic annual security assessments5.Conduct Cyber security audits, risk assessments on internal business units/Sub-Sideris /suppliers/third parties to ensure security and compliance controls are implemented as per company policy and contractual requirements and effectiveness is measured, reported and governed.6.Support annual audit activity carried out by group corporate internal audit teams to maintain group corporate reporting requirements on controls relevant to security, availability, processing integrity, and confidentiality.7.Frontend external audits conducted by regulatory bodies & customers by working closely with internal teams for preparation and driving the remediation activities.8. Improve methods of capturing and presenting status of key compliance requirements to provide leadership with clear, concise data to enable appropriate decision making.9.Plan and orchestrate compliance review meetings with stake holders at various levels to drive continuous improvements.9.Report and prepare presentation on the levels of security compliance risk and control effectiveness to key stakeholders and senior management.10.Monitor the ongoing status of compliance remediation activities for identified risks and internal and external audit/compliance requirements.Qualification:B. E / B. Tech in Computer Science or Information Technology/ MCA with good academics (minimum 60% without any gap)Should be certified with ISO27001 lead auditor and CISA - Certified Information Security Auditor. Possession of other certification like CISM, CISSP, ISO22301, ISO27701, ISO27017, ISO27018, Cloud security etc will be an added advantageWork Experience:05-10 Years of experience (minimum 5+ years experience in IT Security, Governance Risk and Compliance, Audits etc)
