Audit Manager, Information Security

xc2xb7 The Senior Manager Information Security Third-party Risk Management position will be an integral member of the Information Security and Risk Management team This role will be responsible for design development implementation and monitoring of risk management program Work in Chief Information Security Officer CISO office under Associate Director Information Security Governance Risk and Compliance this role serves as an information security technology professional for Grant Thornton to support the design implementation and maintenance of a cohesive information security governance risk and compliance program The successful candidate will have a good mix of deep technical knowledge understanding of industry best practice frameworks and regulations and a demonstrated background in information security risk management program An experienced and motivated risk and compliance individual contributor is needed to work across a matrixed team in place today and growing in the future The successful candidate has a track record of developing strong relationships collaborating across teams coordinating multiple timelines and managing complex cross discipline projectsSkills The ideal candidate xc2xb7 is a self-starter with the ability to drive tasks to completion independently and learn new skills on the job as program requirements evolve xc2xb7 possesses strong business judgment deep analytical thinking is comfortable managing multiple responsibilities within a fast-paced environment and has worked collaboratively with others to develop implement and communicate business improvement and innovative strategies xc2xb7 possesses strong verbal and written communication skills a solution-oriented approach and relationship-building skills are important attributes to succeed in this role xc2xb7 global view of their business and think in terms of immediate problem solving but also automating expanding and scaling solutions broadly xc2xb7 thinks strategically at a global level and effectively develop key processes procedures and communications that facilitate cross-functional implementation of risk management processes and risk reporting Responsibilities Advance the information security third-party risk management framework and develop risk appetite Develop effective strategies for addressing high-risk suppliers Oversee and perform security risk assessments business impact analyses and security control evaluations across third-party vendors in OneTrust xc2xb7 Prepare risk register in OneTrust to monitor and track risks Provide supply chain security assessment remediation oversight and facilitate development of CUECs to document shared responsibility model Perform client MSA security terms and conditions review and provide feedback to legal team Ensure compliance with relevant firm security policies Support iterative review of assessment results working with appropriate stakeholders across the lines of defense Establish risk reporting and escalation processes Remain up to date with emerging threats best practices and relevant legislation Work and communicate hand-in-hand with both external and internal stakeholders on critical issues that are directly impacting the business Contribute to the development of scalable models and tools that speed up both decision making and accuracy for the organization Meet with stakeholders to gather and integrate feedback and evangelize the program Perform and facilitate the collection review and assimilation of risk assessment data and reporting into concise and meaningful reports dashboards for leadership Take leading role in drafting and presenting deep-dive documents including responses to senior executives About Company xe2x80x98Grant Thornton INDUS comprises GT U S Shared Services Center India Pvt Ltd and Grant Thornton U S Knowledge and Capability Center India Pvt Ltd Grant Thornton INDUS is the shared services center supporting the operations of Grant Thornton LLP the U S member firm of Grant Thornton International Ltd Established in 2012 Grant Thornton INDUS employs professionals across a wide range of disciplines including Tax Audit Advisory and other operational functions What sets us apart isnt just what we do its how we do it We support and enable the firms purpose of making business more personal and building trust into every result Were collaborators obsessed with quality and ready for anything who understand the value of strong relationships Our professionals are well integrated to seamlessly support the U S engagement teams help increase Grant Thorntons access to a wide talent pool and improve operational efficiencies Empowered people bold leadership and distinctive client service are imbibed in the culture at Grant Thornton INDUS We are a transparent competitive and excellence-driven firm that offers an opportunity to be part of something significant In addition professionals at Grant Thornton INDUS serve communities in India through inspirational and generous services to give back to the communities they work in Grant Thornton INDUS has its offices in two locations in India Bengaluru and Kolkata