Client security due-diligence
Client contracts / MSA review
Governance around client security controls
Security incident response
The individual will be responsible for oversight of IRM initiatives for an assigned set of accounts. This individual will be responsible for all security- and compliance-related activity and for managing stakeholder expectations. Some of these measures include, but are not limited to, assessing infrastructure devices, awareness training for accounts and best practices for process and security assessment.
Coordinate client visits and audits
Conduct risk assessments for key accounts and support risk remediation
Review of client master service agreements and act on required security compliance requirements
Coordinating with external auditors for PCI-DSS and SSAE16 SOC1/SOC2 audits
Liaise with customers and internal teams for security incident response
Review security exceptions
Day-to-day security operations
Planning and execution of security assessments
The candidate should have a bachelor's or master's degree with the required relevant experience
Minimum of 4+ years of security experience, preferably within a large global organization
Sound understanding of Wintel technology, Network Topology, LAN/WAN/Security design, Proxy, Patch Management, SIEM, Vulnerability Management.
Should have the knowledge to translate security concepts into language that is meaningful to many audiences, including business and technical leaders and individual contributors.
Demonstrated ability to influence decision-making processes at all levels of the team.
Sound understanding of various global regulations impacting data security controls (HIPAA, HITECH, GLBA, DPA, SOX)
Familiarity with data privacy principles
Relevant professional qualifications / certifications (CISA, CISSP, CRISC, CISM)
Personal Characteristics -
An ability to think methodically, attention to detail and a healthy paranoia are vital attributes.
Ability to present complex solutions and methods to a general community.
Independent thinking, willingness to "step outside the box" and take reasonable, calculated risks.
Must be reliable and adaptable.
Excellent written and verbal communication and organizational skills.
Outstanding work ethic.
Strong team player who collaborates well with others to solve problems and actively incorporates input from various sources.
Experience with working on global teams across time zones, cultures and languages.