Job Category: Information TechnologyJob Description:POSITION SUMMARY:
This position will give an opportunity to work for Information Security Governance on information systems, processes, and technologies within the organization.
This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines, and US
This position will report to the Senior Manager, Information Security and is expected to work independently on tasks assigned.
This position requires:
Works extensively on Vendor IT Security risk assessment/ Third Party Risk management/ IT Technical Assessment
Experience in performing Security audits and Risk Assessments in line with Information Security Standards (like ISO 27001) for Business processes and IT systems.
Understanding on Legal & Regulatory requirements such as Data privacy, Intellectual property safeguards, Records Management etc.
Knowledge about latest regulations, compliance, standards, and procedures such as GLBA, SOX, ISO27000 Standards, CoBiT, etc.
Ability to conceptualize Security Governance framework and have eagerness to assist Management with creation and implementation of Security Governance Policy Framework.
Excellent verbal and written communication skills with a demonstrated ability to build and maintain relationships within the organization.
Ability to prepare Management Reports highlighting the security posture of the organization with regards to various security metrics defined in line with Enterprise Risk Management framework.
Strong proficiency in Microsoft Office applications (MS Excel, Word, PowerPoint etc.) with a general understanding of data analysis techniques.
Excellent organizational, skills, detail oriented, logical, and systematic with the ability to multi-task must be able to gather and interpret relevant information; with ability to work in a high value and strict deadline environment.
JOB FUNCTIONS AND RESPONSIBILITIES
Perform IT security reviews, evaluations, risk assessments, and monitoring on a regular basis to ensure exceptions and violations are identified and addressed.
Recommend appropriate corrective actions and remediation plans for risks identified.
Assist in developing the implementation of risk mitigation measures.
Create and manage multiple dashboard reporting mechanisms to facilitate improved communication and provide visibility on Security posture to Management and Senior Leadership
Work with the Business functions to ensure security standards are in-line with Ocwen's risk management and information security policies.
Plan and execute vendor IT and Security audit programs in-line with Ocwen's risk management policies.
EDUCATION / EXPERIENCE
3 - 5 years of progressive experience in one or more of the following: internal/external IT and business process auditing, sourcing advisory, vendor management roles
Bachelor's degree from an accredited college / university. Management degrees MS, M. Tech or MBA in relevant field would be an added advantage.
Preferred Certifications
CGEIT or CISM
CISSP
Demonstrated experience in conducting Risk Assessments for Vendors, Internal and External stakeholders.
Experience in Information Security or demonstrated knowledge on Information Security Operations
Demonstrated experience in a multi-vendor environment.
Demonstrated experience in Cloud Security assessments on various Cloud platforms such as AWS, Azure, Oracle etc.
