Information Security Analyst

Job Description

Designation: Information Security Consultant Job Code: JD2208396 Location: Bangalore Number of Vacancies: 1 Total Experience: minimum 1 year Shift: General Reports to: CTO Qualification: BE/B.tech/Bsc/BCA/M.Tech/ME Certification: ISO 27001:2013 Lead Implementer (preferable) Job Description: IT Security Consultant , with overall 3+ years of professional experience with areas of expertise in Governance Risk & Compliance (GRC), Third Party Risk Management (TPRM), Information Systems Audits including ISO 27001, Data privacy, GDPR, ITGC Assessments, Control testing, Information Security, ISO 27001 Implementation, SOX and SOC 2, IT Risk assessments on application and infrastructure. Information Technology and Information Security Governance and Risk Compliance Implementation across various industries including Banking, Retail, Insurance, Energy, and e-commerce. Expertise in Vendor Management, Issue Management, Compliance Management, Policy Management, Business Continuity and Disaster Recovery& Risk management modules/solutions. Detailed knowledge of international regulations and best practices covering ITIL, COBIT, ISO 27000, SOX, COSO, PCI, HIPAA and NIST 800. Have experience in core ISMS, services focused on SOX, ITGC, COBIT, COSO, ISO 270001, specialized in Governance & Compliance and Internal Audits. Good experience in client interaction with global leaders during requirement specifications and project implementation phases. Performed risk assessments based on industry standards, provided recommendations to management on results of analysis and work closely with other team- members to refine and enhance security controls and reduce organizational risk. Managing GRC and Third-Party Risk Management related engagements. Conducting audit to check the security posture of critical vendors. Performing quality checks for third party risk assessment. Facilitating External and Internal audits for ISO 27001. Identify and assessing areas of significant business risk. Plan and evaluate IT-related technical and organizational measures. Managing and reporting compliance breaches and exposures. Conducting Compliance audits by reviewing SOC2 Type II, Hi-Trust, ISO27001, PCI-DSS reports. Supporting various departments by collecting and coordinating internal compliance data with auditors and various departments. Ensuring complete, accurate, and timely audit information is reported to Management and/or Risk Committees. Qualification Bachelor's degree in computer science (B. Tech, BE, BCA, or MCA), ISO 27001 :2013 LA Preferred, Experience in Audits and Assessments preferably covering ISO 27001, SOC 2 Type 2, GDPR, Client Audit and Privacy Regulations (GDPR) Experience in identifying and remediating threat & vulnerabilities. ***the candidate must have a very good communication skill