Auth 2.0 - Hyderabad, India - ENH iSecure Pvt. Ltd

ENH iSecure Pvt. Ltd
ENH iSecure Pvt. Ltd
Verified Company
Hyderabad, India

1 week ago

Deepika Kaur

Posted by:

Deepika Kaur

beBee Recuiter
Description

Job purpose:


To undertake third-party information security and governance risk reviews of the company and identify key risk areas and manage remediation of control gaps.

To work closely with business owners and other key internal stakeholders, and assist in enhancing the information security controls in place at third parties for the protection of company information assets.


Title:
Risk Analyst


Experience:
3+ years


Employment:
Full Time.


Location:
Gurgaon


Responsibilities:


  • Manage and assess a portfolio of third parties inline with company third Party Assurance framework and company information security standards, ensuring each step is completed within SLA.
  • Work with third parties to review technical and governance controls and identify weaknesses/noncompliance as control gaps.
  • Track and manage gaps and risks both internal and at third parties through to remediation.
  • Maintain an uptodate record of all third parties that access, store, process and provide services to the company.
  • Manage any risk mitigations associated with third parties, both internally and with the third parties themselves.
  • Assist with the risk rating of new and existing third parties through the Business Impact Assessment process.
  • Input into the continuous improvement of the Third Party Assurance and risk management processes.
  • Undertake third party site visits to validate the status of vendor controls.
  • Be a point of contact for queries related to third party assurance.
  • Build and manage stakeholder relationships with the business and third parties.
  • Provide high quality risk reports, with guidance and recommendations, to enable senior business owners to make the most appropriate risk decisions relating to the use of suppliers.
  • Provide an assurance and advisory role to company internal teams on the implications of IT and data security.
  • Be involved in regular metric reporting to senior management and other key stakeholders.
  • Consult with internal technical teams relating to third party controls.
  • Maintain all required skills & complete necessary training and act in line with our values and Code of Business.

Qualifications:


  • Master's degree or equivalent in Information Security.

Certifications:


  • CISSP, CISA, CISM

Functional Skills:


  • Business and commercial acumen
  • Intermediate


  • Change management

  • Intermediate

- project Management
  • Intermediate
  • Data analysis and modelling
  • Intermediate


  • Stakeholder management

  • Intermediate


  • Financial analysis

  • Expert
  • Data Protection Act
  • Intermediate
  • International Data/Privacy Laws
  • Expert
  • Best Practice Information Security Policies
  • Intermediate
  • ISO 27001/ISO 27002 Standards
  • Intermediate
  • SANS Top 20 Controls
  • Intermediate
  • IT Systems Assessments
  • Intermediate
  • Access & Identity Management
  • Intermediate

Salary:
₹500, ₹1,000,000.00 per year


Benefits:


  • Health insurance
  • Provident Fund

Schedule:

  • Day shift

Ability to commute/relocate:

  • Hyderabad, Telangana: Reliably commute or planning to relocate before starting work (required)

Experience:


  • Risk analysis: 2 years (required)

License/Certification:

  • CISSP (required)
  • CISM (required)

Speak with the employer

  • Health insurance
More jobs from ENH iSecure Pvt. Ltd
See all jobs of ENH iSecure Pvt. Ltd