Find Opportunity

Client is one of the leading Business Consulting Services Provider. They are looking for a highly motivated and driven professional for the role of Manager What you will be doing? Own the technology risk management practise and concentrate efforts on continuous improvement in GRC function aligned to global standards like NIST CSF, ISO 27001, ISO 31000, Cloud Security Alliance, etc. Develop cyber security policies, procedures and standards and aligned to global standards. Perform risk assessments of the inhouse products and third-party vendor applications to identify current and future security risks. Evaluate emerging technologies for their adoption to strengthen projects Performs process-level walkthroughs, control testing, etc. for the identification and assessment of IT risks and controls. Effectively communicate key risks, findings, and recommendations for improvement with key stakeholders. Maintains risk register and develops IT Risk Management metrics and reports. Improve compliance with security standards and policies across third parties used in the enterprise. Monitor open third-party security issues and remediation actions associated with security control gaps to ensure timely closure. Responsible for conducting deep dives on IT security-related processes and systems. Executes information security awareness programs by regularly conducting workshops to educate employees about information security and best practices. What is expected out of you? 3-6 years of experience in Information Security & IT Risk Management. Zealous to un-learn & re-learn risk management practices in a “Cloud Native - DevOps Only” environment. Strong understanding of security governance, compliance and risk management principles. Strong understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy, and/or data security. Ability to work independently with little direction and/or supervision. Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organisation. Keen attention to detail with the ability to correct on the fly and work independently. Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker. Mindset to standardize & maximise automation in security & risk management space. High business acumen & ability to understand business objectives, technology stack and evolve security as a business enabler capability. Ability to operate, decide & evolve in ambiguous situations. Curiosity to learn & adopt emerging technologies. Agile practitioner. Holds vendor neutral cyber security certifications (desirable).