Trainee - ESGC

About SLK

SLK is a global technology services provider focused on bringing AI, intelligent automation, and analytics together to create leading-edge technology solutions for our customers through a culture of partnership, led by an evolutionary mindset. For over 20 years, we've helped organizations across diverse industries - insurance providers, financial service organizations, investment management companies, and manufacturers - reimagine their business and solve their present and future needs.

At SLK, we champion diversity and inclusion, valuing the unique perspectives and talents each individual brings. We empower specially abled talent by fostering a supportive environment that welcomes every member's abilities. Our goal is to create an innovative workspace enriched by diversity, providing reasonable accommodations to ensure everyone can contribute to our success. We invite candidates from diverse backgrounds to help us build a more inclusive future.

BASIC INFORMATION ON THE POSITION

Position Name: Trainee - ESGC

Mandatory/Required Skills & Location

Location:

Mandatory/Required Skills:

PURPOSE OF THE ROLE

To ensure Enterprise Risk management framework and Information Security Management System are effectively implemented in line with the business objectives

KEY RESPONSIBILITIES AND ACCOUNTABILITIES

1. Extend support to Implement  customer specific information security / enterprise risk related requirements
2. Coordinate and communicate with  internal customers to ensure compliance of security / risk guidelines
3. Conduct audit to ensure compliance with customer risk / security requirements
4. Contribute towards customer audits ensuring successful  completion 
5. Participate in Customer calls when needed and understand customer expectations
6. Provide periodic updates on the implementation status

1. Document procedures and policies based on inputs provided
2. Support & implement ISMS (Information Security Management System) framework.
3. Implement new security initiatives and improvements
4. Collect applicable measures and perform periodic analysis as per the measurement program
5. Provide updates periodically
6. Prepare Plan and conduct periodic internal audits
7. Track all internal/external audit findings to closure
8. Implement ERM and conduct risk based audit
9. Conduct  surprise/ random audits and track findings to closure
10. Complete the assigned activities like Risk exception, reconciliation, VAPT, etc  within the defined SLA
11. Participate in external audits by ensuring readiness of functions  providing necessary support for successful completion

1. Understand, align with the goals, roles and responsibilities and provide updates about performance against the set goals
2. Train and mentor team members as appropriate
3. Upgrade competency (skills) in line with the current industry practices and business objectives

EDUCATION QUALIFICATION

1. BE/MBA
2. ISO27001 lead auditor’s certification
3. CISA/ CISSP Certification (Preferred)
4. PCI DSS Implementer certification

MINIMUM EXPERIENCE REQUIRED

1. 2-4  years’ relevant experience 

DOMAIN/ FUNCTIONAL SKILLS

• Knowledge of ISO27001 Standards & ISO27005 Guidelines
• Knowledge of PCIDSS standard
• Knowledge of risk management (ISO31000)
• Understanding of organization’s business and support processes
• Knowledge of IT Security, physical and environmental security and HR security controls
• Knowledge of regulatory requirements