JOB DESCRIPTION:

?Duties:

1.Support implementing and managing Information Security Management System in accordance with ISO27001 standard

2.Support Risk Management program and co-ordinate Risk assessment activities

3.Enhance existing Common Controls to align with business & customer needs and align with Information security policy and Standards

4.Co-ordinate ISMS roll-out efforts to individual business unit in scope and support ISO27001 certification effort

5.Manage compliance and sustaining efforts to maintain Common controls implemented at individual business unit

6.Support Supply Chain and Third-Party Vendor Risk management program activities

7.Help prepare Security Assurance materials for internal and external audiences, including maintaining our Security responses to customer questionnaires

8.Prepare regular metrics related to Trust office programs including ISMS for management update

9.Assist with evidence gathering for audits, update centralized GRC tool with audit performance and perform related compliance activity

10.Assist in POC and enhancement of GRC tool supporting Trust office objectives

11.Perform Ad-hoc activities required to support Trust office

12.Support ad-hoc meetings /updates in early morning IST and PST Time Zone

Skill Set:

1.+8-10 Years experience in Information Security , Compliance, Risk Management

2.Expertise in Information Security implementation for ISO 27001 and other relevant standards such as SOX, (US role )-NIST 800- 53, CMMC

3.Preferred Certifications : CISSP ,ISO 27001 Lead Auditor or Implementer

Education:

1.BA/BS degree in Computer Science, MS, or equivalent industry experience.