Risk and Cyber

Job Category: Risk and cyber
Job Type: Full Time
Job Location: Gurgaon
  • Working familiarity with risk assessments and threat models
  • Skills to assess and monitor vendor risk and follow vendor risk management policy.
  • Working familiarity with ISO27000 standards and ISO27002 controls standards in particular
  • Experience with ServiceNow or other industry standard enterprise Vendor Risk Assessment solution
  • Familiarity with application, server, and network security is preferred, understanding of security architectures, network security, Active Directory, RBAC and least privilege.
  • Familiarity with APIs, plug-ins, ad-on software, and associated vulnerabilities
  • Strong knowledge of and experience with information security across all domains
  • Experience with ServiceNow or another industry standard service management solution
  • Customer focus and direct client support experience. Relationship management, negotiation and influencing skills.
  • Excellent written and verbal communication. Analytical/problem solving ability. Attention to detail. Considerations for user experience and productivity.
  • Creative and independent thinker with the ability to translate business and technical requirements and challenges to leadership. Knowledge of configuration management practices and procedures
  • Strong knowledge and working understanding of information security legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard
  • Working familiarity with common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework
  • In depth knowledge of Microsoft Excel and other Office suite applications.
  • Excellent ability to work effectively with peers, IT management and staff, and internal/external business partners/clients.
  • A demonstrable passion for the field of information security
  • Ability to multi-task, prioritize, work independently, and manage various projects and processes to completion.

Work Experience

  • 5+ years of Information Security or IT audit experience is required
  • Experience working in Cyber Risk, Business Risk Management, Operational Risk, Internal Audit, and/or Controls related function preferred.
  • Working familiarity with Vendor Risk Assessments and production of Risk Analysis Reports.
  • Experience in management of vulnerability and/or risk remediation.
  • Specific knowledge of and experience with applicable concepts and methodologies such as continuous quality improvement and auditing experience
  • Advanced communication skills (both verbal and written)
  • Communication of technology issues to both technical and leadership personnel and negotiate to a mutually beneficial conclusion.
  • Interactions with vendors and/or other 3rd parties

Apply for this position

Allowed Type(s): .pdf, .doc, .docx