Senior IT Risk and Compliance Manager – Mumbai

24 March 2024
Urgent

Job Overview

  • Date Posted
    24 March 2024
  • Expiration date
    1 June 2024
  • Gender
    Any

Job Description

Experience in core IT Risk, Compliance, and security projects.
Strong familiarity with industry frameworks such as ISO standards, GDPR, NIST, PCI DSS. Broad understanding of cyber security concepts and risks.
Experience in assessing audit findings and gaps, including control weaknesses, in coordination with different stakeholders, and in assisting with the development of management action plans.
In-depth understanding of security classification, change controls, SDLC, security controls, and Application Controls, including interfaces and configurations on a variety of applications, operating systems, databases, and networks.
Project management experience in the areas of IT Risk, Compliance, and security operations. Ability to plan and manage multiple GRC and Security engagements.
Help with the planning of the SOX program by setting the objective, scope, and work program of individual audits.
Conduct follow-up on both open and past-due actions on security control implementations on a regular basis.
Understand client needs to develop project plans and resource plans, establish reporting and metrics, and provide the clients and leaders with regular project updates.
Ensure that the project team is utilized appropriately and consistently, with a strong focus on process/tool automations and innovations.
Excellent customer service, strong analytical thinking, problem solving, decision making, and verbal and written communication skills.
Working knowledge of common audit and compliance tools. Experience with a Governance/Risk/Compliance (GRC) platform required.
Collaborate with Key Customer and relevant stakeholders to assess near- and long-term GRC needs and plan staffing accordingly.
Strong people management skills. Train/Mentor project team members to ensure quality of work product is consistent throughout client engagements, and best practices are applied for every engagement.
Professional certification such as CISA, CISM, CRISC, or CISSP is desirable.
Very strong in Microsoft Word, PowerPoint, Excel, and email.
Primary Skills:
Governance, Risk and Compliance (GRC)
Security Frameworks
ITGC
ISMS Implementation
Secondary Skills:
CISA, CISM, CRISC, or CISSP Certifications