, including evidence review and preparation of detailed audit reports. Strong understanding of fundamentals and standard procedures across key IT functions, such as Server Management, Network Management, Antivirus, Patch Management, SOC, VAPT, Access Management, and ITIL processes.
Job description
Lead enterprise-wide information security strategy and compliance programs.
Design the company's policies and procedures.
Ensure the design effectiveness and operational effectiveness of all IT and business processes.
Identify the right cost-effective security tools and ensure a smooth rollout across the organization.
Negotiate with vendors for cost optimization.
Develop, implement and monitor an information security program to ensure the integrity, confidentiality and availability of information owned, controlled and processed by the organization.
Conduct half-yearly ISMS internal audits and manage client external audits and annual certification audits (ISO 27001, ISO 20001, ISO 9001, PCI DSS, SSAE 18 SOC 1 & SOC 2, GDPR, HITRUST).
Annual Data Protection & Privacy Compliance review.
Conduct a risk assessment on each newly introduced project.
Ensure compliance of onboarding/offboarding, physical security, desktop management, server management (on-premises/cloud), network management, application security, website security, VAPT, hardening, SOC, access management, BCP, and incident, change, problem and capacity management processes.
Ensure frequency-based controls are executed on time (e.g. log review, user access review, firewall rule review, VAPT, infosec training, background verification).
Monthly Security Deck and presentation to senior Management
Ensure inventory completeness for laptops, servers, network devices, antivirus reports, patch reports, encryption reports, vulnerability assessment, hardening, penetration testing and the health monitoring tool.
Manage the risk register and the security incident and issue tracker.
Respond to client vendor risk assessment questionnaires.
Review IT security-related solutions and map current IT controls to upcoming client requirements.
Vendor Security review.
Ensure the annual BCP/DR drill, ransomware simulation and phishing simulation are carried out.
Identify and implement opportunities for automation to improve governance/audit controls.
Information Security Awareness sessions.
Personal Skills
Currently working in a manager-level role within Information Security Governance and Compliance, with a strong focus on IT Security.
Proficient in Advanced Excel and PowerPoint; knowledge of Power BI and Excel VB Macros will be an added advantage.
Strong communication skills with the ability to present findings and recommendations effectively.
Excellent analytical thinking and decision-making abilities.
Ability to manage and oversee compliance initiatives, audits, and IT security governance frameworks.
Strong attention to detail with a proactive and solution-oriented mindset.
About RIA Advisory:
RIA Advisory LLC (RIA) is a business advisory and technology company that specializes in the field of Revenue Management and Billing for Banking, Payments, Capital Markets, Exchanges, Utilities, Healthcare and Insurance industry verticals. With a highly experienced team in the field of Pricing, Billing & Revenue Management, RIA prioritizes understanding client needs and industry best practices to approach any problem with insight and careful strategic planning. Each of RIA Advisory's Managing Partners has over 20 years of industry expertise and experience, and our leadership and consulting team demonstrate our continued efficiency to serve our clients as a strategic partner, especially for transforming the ORMB and CC&B space. Our operations are spread across the US, UK, India, Philippines and Australia.
Services Offered:
Business Process Advisory for Revenue management processes
Technology Consulting & Implementation
Help clients transition to latest technology suite and overcome business problems.
Managed Services
Quality Assurance
Cloud Services