Performing third-party risk assessments on behalf of our clients over the outsourced processes
Experience in handling key activities of audit life cycle: scoping, planning, fieldwork execution, reporting, QA and issues tracking
Assessing findings, articulating the risks in the context of a client's risk management framework and recommending areas of improvement
Exposure to the Information Security Management Systems (ISMS) framework
Reporting and communicating risks to all stakeholders including senior management
Testing of controls and identification of deficiencies.
Risk assessment: exposure to and hands-on experience with risk assessment methodologies, creating risk registers, risk treatment and mitigation activities
Managing client relationships, handling escalations and reviewing work of subordinates
Managing the team and owning project deliverables
Experience and skills:
Strong communication and interpersonal skills
Clear and concise documentation skills
Should be up to date on the latest information security risks and vulnerabilities
Clear understanding of IT control domains listed in ISO 27001.
Experience with IT security standards along with ISO 27001
Good to have experience in assessing the Standard Information Gathering (SIG) framework
Risk assessment: exposure to and hands-on experience with risk assessment methodologies, creating risk registers, risk treatment and mitigation activities.
Certifications: ISO 27001, ISO 22301, CISA and/or CISSP preferred