Cyber Security GRC role (PCI DSS/ISO 27001)

ASSOCIATE CONSULTANT Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001) • Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. • Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. • Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. • Should be able to understand and explain technical vulnerabilities • Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security • Should have Knowledge on information security incident management. Specific Duties and Responsibilities Include: • Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced • Conduct audits to verify the compliance to organizations security standards • Assist in Business Continuity Planning and Implementation. • Metrics collection & reporting Must Have Skills • Excellent communication and presentation skills. • Able to effectively interact with various functions. • Good to have Skills / Certification Minimum: ISO27001:2013 Lead Auditor course • Good to have: CISSP, CISA, CISM, ISO22301QualificationBE/ BTech, MCA, MBA with specialization in Information Security

#eviden