• Functional experience in domain of Governance, Enterprise Risk Management and Regulatory Compliance.
• Experience in regulatory compliance like, Sarbanes-Oxley Act (SOX), General Data Protection Regulation (GDPR), GxP Compliance etc.
• A solid understanding of IT control frameworks and IT general controls
• Working knowledge of overall risk management process that is conducting/participating on internal/external risk assessments and remediation process.
• Must have experience of conducting risk, compliance & audit programs
• Experience in managing large scale information security projects
• Experience across multiple Information Security domain i.e. IT Regulatory/policy Compliance, IS Governance, Risk Management, IT Infrastructure Security
• Have good technical awareness on Information security & IT network/infrastructure components
• Open to learning and working on new domains and technology
• Open to travel onsite for long term as well as short term.
• Good written and spoken communications skills
• Performing independent Assessment & recommend mitigation strategies on client’s Governance Risk & compliance environments like SOX, GxP, GDPR Compliance etc.
• Participates in process and control documentation pertaining to controls implementation.
• Participates in regulatory audits (process and IT) and management reporting.
• Facilitates IT governance implementation.
• Research and Development in best practices around core business processes, IT security.
• Develop service offerings for various industry regulatory and compliance requirements.
• Development and implementation of operational and enterprise risk frameworks.
• Liaise on with Client counterparts for compliance reporting & continually enhancing the risk & compliance framework implemented for the project.
• Drive & participate in different Risk, Compliance & Audit program and support all external/internal compliance assessment
• Drive/assist closure of audit non-conformities
• Monitor compliance with various contractual IT security requirements, customer policies/procedures
• Ensure relevant data privacy controls were deployed and GDPR requirements are monitored
• Point of contact for reporting & investigation of any relevant data breach
• Perform assessment to ensure that data privacy requirements were met
• Perform Delivery Center Assessment and submit report with mitigation/management response
B.E/B.Tech/Bachelor in Technology
CISA/ CISM/CISSP certification, ISO 27001 (Lead Auditor) preferred
We are looking for functional consultants have extensive experience in Policies & Process definitions and enforcement.