T D Newton & Associates
Website:
tdnewton.com
Job details:
The candidate will be involved in the infosec operations, risk management activities, Third party security and governance. This implies working relations with extended Business lines and IT teams on behalf of G3C team.
The candidate will be working in a high-pressure environment, it calls for assertiveness and flexibility to ensure deadlines are met based on agreements / defined milestones
We are seeking a skilled and experienced Information Security & Risk specialist to join our team. The ideal candidate will have 7-9 years of experience in risk and information security audit, with a focus on third party risk management.
In this role, you will be responsible for conducting risk assessments and audits of the company's information security systems, processes, and controls. You will work closely with the Information Security team and other stakeholders to identify and evaluate potential security risks, and provide recommendations for mitigating and managing these risks.
The main responsibilities as a lead & performer are:
- Perform third party risk assessments
- Design security controls
- Perform infosec audits
- Act as a SPOC for the team
- Work in close coordination with global Function Manager and local line manage
Responsibilities
- - Continuously evaluate existing security practices, define and measure security-related activities and demonstrating improvements to the sec programs within the organization
- - Work closely with governance, regulatory and compliance to help formulate and implement a strategy for security that is tailored to the specific risks facing the organization
- - Monitor and provide continuous assurance on infrastructure security by leveraging available third party tools while assuring efficacy of controls against policies and certifications in the most automated manner
- - Responsible for building effective working relationships, making sound decisions, successfully making changes, initiating action and achieving results
Profile
- 4-5 years of overall work experience in IT app/ Infrastructure, risk, cybersecurity
- A strong understanding and experience of establishing security governance across an organization
- Conducting risk assessments and audits of the company's information security systems, processes, and controls
- Identifying and evaluating potential security risks, including risks related to third party vendors and partners
- Developing and implementing strategies and processes for managing and mitigating identified risks
- Working with the Information Security team and other stakeholders to implement and maintain security controls and standards
- Providing guidance and support to the Information Security team and other stakeholders on information security best practices and standards
- Developing and maintaining security policies, procedures, and standards
- Reporting on audit findings and recommendations to the Information Security team and other stakeholders
- Keeping up-to-date with the latest developments and trends in information security, risk management, and third party risk management
- Strong a self-starter who has the ability to operate independently and demonstrates complete ownership over assigned objectives in a "semi-structured" environment
- Excellent oral/written presentation skills with ability to communicate effectively with senior executive leadership
Click on Apply to know more.