Collaborate on the integration of robust security and compliance measures across all business products and processes, safeguarding organizational assets and ensuring adherence to regulatory and internal standards.
Evaluate third-party security practices, including vendor risk management and compliance with security standards.
Review customer data protection and sensitive data access monitoring.
Support end-to-end security assessment and track all identified findings to ensure effective remediation.
Collaborate closely with diverse business units to embed security best practices into their operations, including gathering requirements, conducting interviews, and performing on-site walkthroughs for project management.
Drive strategic initiatives to strengthen information security posture, including managing end-to-end security assessments and audits.
Proactively identify, assess, and ensure timely mitigation of security risks in business products and processes, ensuring compliance with regulations and internal policies.
Continuously monitor and evaluate security control effectiveness, adapt to threats/changes, and report on compliance.
Cultivate strong collaborative relationships with stakeholders to implement controls, identify asset owners, classify data/systems, and align business and security requirements.
Undertake additional projects or tasks as directed by management.
People Management
Build and maintain professional relationships with the IT Team, Business Team and Auditors (Internal & External).
Minimum qualifications:
Bachelor’s in computer science or information security.
At least one of the following professional certifications will be preferred:
ISO 27001
ISO 27701
CISA
CISM
Minimum experience:
Minimum 2 years’ experience in IS Risk Management or Information Security