DP World
Website: dpworld.com
Job details:
Job Description
Purpose of the Job:
- Conduct Internal Audit
- Conduct Risk Assessment
- Conduct Third Party Risk Assessment
- Assist in ISO27001 implementation for new business units and help in maintaining existing certification
- Conduct RoPA and DPIA
- Manage DLP rules
- Conduct random audit on any security domain to ensure all controls are in place
- Follow up with relevant stakeholders for closure of audit observations
- Monitor activities as per security plan for all the locations.
- Conduct Risk Assessment as per ISO 27001 standard
- Data recovery: random check of controls related to backup and restoration testing.
- Monitor and ensure information security awareness training is done for all employees and contracted employees.
- Create multiple phishing and other security awareness campaigns
- Facilitate user access review and monitor ISMS metrics
- Monitor compliance and inform management regarding the same
- Assist in Data Governance related projects
- Create Data Registers
- Random check of implemented controls mentioned in information security policy and accompanying standards, procedures and guidance
- Knowledge of NIST, CSA framework, PCI DSS and other standards
- Knowledge of privacy controls
- Assist in policy and procedure review
- Work with internal stakeholders to develop relationships to help promote and improve information security
Key Accountabilities (Duties and Responsibilities)
- Provide timely support to ensure closure of non-conformance.
- Monitor and maintain controls to ensure maximum access and high availability of systems based on system design.
- Risk Assessment
- SOP Documentation, Change Request, Impact Analysis and Enhancement
- Assist in Data Governance initiatives
Competences Required
Experience required: 5 to 10 years
Education Qualification: Bachelor in any Engineering branch
Technical (discipline) Related
- ISO27001 lead auditor Certification
- Awareness of latest practices in IT Security
- Review infrastructure and suggest security requirements for the setup
- Awareness of NIST Cyber Security framework and Risk Management
- Knowledge of security controls related to Data Integrity, Business Process, Data Backup and Business Continuity.
- Experience in internal audit/ reviews based on ISO27001, COBIT, NIST etc.
- Sound knowledge and experience in ITGC audit
- Experience in risk assessment
- Experience in Data Governance
- Automation of GRC related activities
- IDAM experience will be an added credibility
- Knowledge and experience of Third Party Risk Assessment and AI Risk Assessment
- Knowledge of DPDPA
Interpersonal
- Strong verbal and interpersonal communication skills
- Be Honest and Trustworthy
- Be respectful & possess cultural awareness and sensitivity
- Professional
- Be Collaborative
Travel - 25% in a year
KPIs (Key Performance Indicators) of the Job
- Improve overall security in the IT setup and information governance.
- No Non-Conformance from HO Audit or ISO27001 external Audit.
- Overall improvement in Cyber Security posture at all Business Units.
- No security incident in the year
- Effective and efficient implementation of Data Governance initiatives
- Efficient implementation of Cyber Security Plan to improve the tier in NIST framework.