Key Role and Responsibilities
· Responsible for implementation and sustenance of ISO based Information Security standards such as ISMS, BCMS, Data Privacy etc.
· Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk
· Responsible to assist client in review, design and implement Information Security controls
· Responsible for conducting client’s vendor risk assessment and providing a holistic view of clients’ risk exposure due to outsourcing
· Responsible for advising and assisting clients to develop and implement Information classification framework
· Understands data governance and data protection
· Advice clients on data privacy, data leakage prevention, identity and access management
· Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design and deployment of solutions
· Demonstrates ability to work independently on projects with limited supervision
· Demonstrates understanding of complex business and information technology management processes
· Manages day-to-day client relationships at mid and lower levels.
· Working knowledge in one or more security and privacy domains such as: security governance policies and procedures, risk management, compliance, access control, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection
QUALIFICATION & EXPERIENCE:
· Graduates / BE – B. Tech / MCA / MBA
· Strong knowledge of cyber / Data protection/privacy security concepts, risk and controls concepts
· 8-10 years of relevant experience
· Strong Excel and PowerPoint skills
· Good knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc.
· Good knowledge of GDPR, CCPA or other privacy laws
· Governance and reporting
· Good knowledge of cyber and privacy risks
· Possession of relevant qualifications such as CIPM, CIPT, CIPP, ISO27001 LA/ LI, ISO22301 LA/LI, CISSP, CISA, CISM etc.
· Excellent business communication skills.
· Company: EY India
· Vacancy Type: Full Time
· Job Location: Gurgaon, Haryana, India