Qualifications:
Bachelor's degree preferred
Well-versed in using infosec tools and technology
Experience in dealing with Data Privacy Agreements, Contracts, Service Level Agreements
Experience and role in infosec audits (e.g., ISO 27001, HIPAA, etc.)
ISO Certification
Job Description
- Carry out all information security risk assessments.
- Carry out privacy risk and impact assessments for client operations and technology infrastructure
- Conduct operations audits based on information security and privacy principles.
- Conduct reviews of contracts, privacy contracts / exhibits / privacy agreements
- Supporting compliance certification (ISO, PCI, SSAE) and client audits
- Ensure that various information security and privacy regulatory requirements / clients' data privacy requirements are effectively addressed.
- Advise business unit leaders and risk management leaders on issues related to information security.
- Handle information security incidents and data breach investigations
- Assist risk management functional leaders in overseeing compliance activities relating to information security.
- Creation and maintenance of risk assessment trackers and keeping them current
- Creation and maintenance of up-to-date inventory of sensitive information profiling for client operations
- Ensure that contract arrangements are in place and being complied with. Obtain necessary evidence for the same.
- Conduct necessary due diligence on subcontractors / third parties.
- Drive information security training and awareness to ensure employees are aware of their responsibilities.