▷ 3 Days Left Information Security

Job Description Work Level: Middle Management Core: Self Motivated, Result Driven, Problem Solving Leadership: Deliver Results (Team/Organisation), Finding Solutions Industry Type: IT Services & Consulting Function: IT & Information Security - Other Key Skills: Cybersecurity Framework,Risk Management,Risk Analyst,Vendor Management,Analyzing Information,Information Security,Security information and event management (SIEM),Compliance,VAPT,Cloud Security,AWS,Azure,GCP,OCI,Endpoint Security Education: Graduate Note: This is a requirement for one of the Workassist Hiring Partner. Primary Responsibility: Program Management - Develop, implement, and continuously enhance the organization's TPRM framework, policies, procedures, and guidelines. Risk Assessment & Due Diligence - Conduct comprehensive end-to-end security assessments of third parties throughout their lifecycle (onboarding, monitoring, and offboarding). - Perform due diligence reviews of vendors, evaluating security controls, compliance posture, and operational effectiveness. - Assess and recommend mitigating controls across: - Network, Server, and Endpoint Security - Data Protection (PII, Cardholder Data) - Cloud Security (Azure / AWS / GCP / OCI) - Encryption and API Security - Review compliance with standards such as PCI-DSS, PCI-PIN, and PA-DSS as applicable. Continuous Monitoring - Establish and manage ongoing processes for periodic assessments and continuous monitoring of third-party security and compliance posture. Risk Mitigation & Advisory - Identify potential risks in third-party engagements and recommend effective mitigation strategies. - Provide expert advisory on security control implementation and data protection in line with security-by-design principles. Reporting & Stakeholder Engagement - Lead audit planning, review reports, and present findings on third-party risk posture to senior management. - Partner with business units on new third-party requirements, ensuring risks are assessed from the start. - Collaborate with internal teams (Legal, Procurement, IT, CISO, Group Security) for an integrated TPRM approach. - Support regulatory submissions and compliance requirements, particularly in the digital payments ecosystem. - Act as a liaison with business partners to ensure compliance and regulatory assurance. Compliance & Standards - Ensure all third-party engagements comply with relevant laws, regulations, and industry standards. - Validate adherence to recognized frameworks such as ISO 27001 (ISMS), SOC reports, and NIST Cybersecurity Framework. Company Description Workassist is an online recruitment and employment solution platform based in Lucknow, India. We provide relevant profiles to employers and connect job seekers with the best opportunities across various industries. With a network of over 10,000+ recruiters, we help employers recruit talented individuals from sectors such as Banking & Finance, Consulting, Sales & Marketing, HR, IT, Operations, and Legal. We have adapted to the new normal and strive to provide a seamless job search experience for job seekers worldwide. Our goal is to enhance the job seeking experience by leveraging technology and matching job seekers with the right employers. For a seamless job search experience, visit our website: https://bit.ly/3QBfBU2 (Note: There are many more opportunities apart from this on the portal. Depending on the skills, you can apply for them as well). So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you