Auth 2.0 - Hyderabad, India - ENH iSecure Pvt. Ltd
Description
Job purpose:
To undertake third-party information security and governance risk reviews of the company and identify key risk areas and manage remediation of control gaps.
To work closely with business owners and other key internal stakeholders, and assist in enhancing the information security controls in place at third parties for the protection of company information assets.
Title:
Risk Analyst
Experience:
3+ years
Employment:
Full Time.
Location:
Gurgaon
Responsibilities:
- Manage and assess a portfolio of third parties inline with company third Party Assurance framework and company information security standards, ensuring each step is completed within SLA.
- Work with third parties to review technical and governance controls and identify weaknesses/noncompliance as control gaps.
- Track and manage gaps and risks both internal and at third parties through to remediation.
- Maintain an uptodate record of all third parties that access, store, process and provide services to the company.
- Manage any risk mitigations associated with third parties, both internally and with the third parties themselves.
- Assist with the risk rating of new and existing third parties through the Business Impact Assessment process.
- Input into the continuous improvement of the Third Party Assurance and risk management processes.
- Undertake third party site visits to validate the status of vendor controls.
- Be a point of contact for queries related to third party assurance.
- Build and manage stakeholder relationships with the business and third parties.
- Provide high quality risk reports, with guidance and recommendations, to enable senior business owners to make the most appropriate risk decisions relating to the use of suppliers.
- Provide an assurance and advisory role to company internal teams on the implications of IT and data security.
- Be involved in regular metric reporting to senior management and other key stakeholders.
- Consult with internal technical teams relating to third party controls.
- Maintain all required skills & complete necessary training and act in line with our values and Code of Business.
Qualifications:
- Master's degree or equivalent in Information Security.
Certifications:
- CISSP, CISA, CISM
Functional Skills:
- Business and commercial acumen
- Intermediate
- Change management
- Intermediate
- project Management
- Intermediate
- Data analysis and modelling
- Intermediate
- Stakeholder management
- Intermediate
- Financial analysis
- Expert
- Data Protection Act
- Intermediate
- International Data/Privacy Laws
- Expert
- Best Practice Information Security Policies
- Intermediate
- ISO 27001/ISO 27002 Standards
- Intermediate
- SANS Top 20 Controls
- Intermediate
- IT Systems Assessments
- Intermediate
- Access & Identity Management
- Intermediate
Salary:
₹500, ₹1,000,000.00 per year
Benefits:
- Health insurance
- Provident Fund
Schedule:
- Day shift
Ability to commute/relocate:
- Hyderabad, Telangana: Reliably commute or planning to relocate before starting work (required)
Experience:
- Risk analysis: 2 years (required)
License/Certification:
- CISSP (required)
- CISM (required)
Speak with the employer
- Health insurance
More jobs from ENH iSecure Pvt. Ltd
-
Oracle OIM Developer
Hyderabad, India - 4 days ago
-
Java Full Stack Developer
Hyderabad, India - 2 days ago
-
Softskills Trainer
Hyderabad, India - 1 day ago
-
Java Middleware Engineer
Hyderabad, India - 1 day ago
-
Softskills Trainer
Hyderabad, India - 3 days ago
-
Delivery Manager
Hyderabad, India - 1 day ago