Grc/ Risk Assessment Professionals

Hiring for leading IT Firm
- From 4 to 9 year(s) of experience
- ₹ Not Disclosed by Recruiter
- Hyderabad/Secunderabad, Pune, Bangalore/Bengaluru, Delhi / NCR, Mumbai (All Areas)**Roles and Responsibilities**
- Review Projects and their technical design documents for Information security risks and advise on suitable controls and mitigations at early stages of the program
- Fair understanding of Technology Landscape (Applications, Infrastructure, Cloud) and review Clients information security and related threats and vulnerabilities, legal and regulatory requirements
- Good Understanding on Security Standards like ISO 27001/2, SOX, ITGC, SOC1 or SOC2, DevSecOps, OWASP top 10, Business Impact analysis, ISO 22301, ISO 27005
- Assess and classify all potential business and infrastructure information risks
- Review and advise on information security risks of vendor offerings New/leveraging existing (SAAS/ PAAS/IAAS) services including integration with Client environment
- Conduct risk assessment on Applications, Network& Systems according to Client policies, applicable Standards, legal & regulatory requirements.
- Identify the risks in the Client Projects, provide recommendations for remediation of identified risks
- Translate Technical, legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provides the respective stakeholders with the IRM requirements and its implementation methodologies
- Identify or design the controls for implementation based on the outcome of Risk Assessment, its remediation and residual risk.
- Review Vulnerability Assessment and Penetration Test scan results and recommend the risks to be remediated
- Review and approve the control design of supplier and their organization technical specifications against Client security control requirements
- Ensure all the risks are documented, classified, and tracked with appropriate action as per the IRM standards.
- Work with Project Managers, Business Analysts, Architecture and Support Team to ensure Client Information Risk Management standards are being followed
- Test the control effectiveness post implementation or deployment of controls and technologies.
- Conduct Security governance with Client stakeholders.
- Understanding of Cloud Security (SAAS, IAAS and PAAS) and On-premise infrastructure
- Knowledge on Network Security, Data Security Practices, End-Point Security, Identity and Access Management
- Knowledge on Business Continuity Plan and Disaster Recovery

**Knowledge and skills**:

- Projects & Stake holder Management
- Governance, Management Reporting
- Very good communication skills, Agile, Project delivery
- Cloud Security controls, Data Security, Se(Info baselines, Privacy requirements
- Role:_Risk Management & Compliance - Other
- Salary:_ Not Disclosed by Recruiter
- Industry:_IT Services & Consulting
- Functional Area:_Risk Management & Compliance
- Role Category:_Risk Management & Compliance - Other
- Employment Type:_Full Time, Permanent
- Key Skills- GRC- risk managementCloud SecurityIT Risk ManagementRisk AssessmentISO 27001information security- Skills highlighted with ‘‘ are preferred keyskillsEducation
- UG:_Any Graduate
- PG:_Any Postgraduate

**Company Profile**:
Leinex Consulting

It is a major technology, engineering, construction, manufacturing and financial services conglomerate, with global operations. The Company addresses critical needs in key sectors - Hydrocarbon, Infrastructure, Power, Process Industries and Defense - for customers in over 30 countries around the world.
- Company Info- X- Contact Company:_Leinex Consulting