Information Security And Risk Manager Job in Cynosure Corporate Solutions

Information Security And Risk Manager

Apply Now
Job Summary

Job Description

  • Identify and evaluate risks; understand business context and prepare
  • reports and recommendations
  • Perform annual Security Risk assessments and conduct related ongoing
  • organizational compliance monitoring activities
  • Identifying cloud-related risks and related business impact
  • Identifying risk mitigation approaches (actions, phases, manual efforts, etc.)
  • Communicating risks in business terms for prioritization
  • Work with all functional business areas to develop and maintain a corporate
  • wide BCP program that addresses business recovery and emergency
  • response management
  • Define, establish and implement organizational information security
  • processes, to ensure business, regulatory, legislative and contractual
  • Requirements and obligations are met.
  • Implement internal and external ISMS audit processes, audit plan, monitor
  • effectiveness of controls and corrective actions in cooperation with the
  • stakeholders across the organization.
  • Manage gap analysis, compliance readiness, and compliance monitoring
  • activities for ISO/IEC 27001, SOC2 and other regulatory security audits.
  • Coordinate external security audits, assessments and testing as well as
  • Remediation plans development and implementation.
  • Identify, assess and monitor information security risks and recommend
  • mitigation measures.
  • Develop content, coordinate and facilitate a comprehensive organizational
  • information security awareness training program.
  • Manage security requirements with third parties, including due diligence of
  • products and services providers and information security requirements
  • clauses in service provision agreements and contracts.
  • Develop, coordinate and maintain information security policies, procedures
  • and other security related documents.


Requirements

Proven experience across security governance, risk and compliance
domain.
Proven experience across business continuity domain
Strong communication skills and ability to interact professionally with a
diverse group including executive management, managers and subject
matter experts.
Strong management skills, leading people, delegating tasks, setting goals
and ensuring objectives are met in continuous and deadline-oriented
activities.
Experience in leading ISO 27001:2013 certification and surveillance audits.
Experience in leading and supporting information security risk assessments
and management process.
Pro-active, self-motivated approach and ability to work independently within
a global security team.
Bachelor s Degree in Information Security, Information Assurance,
Computer Science, Cybersecurity, Risk Management or equivalent work
experience.

Professional certification (CISSP/CISM/CRISC and ISO 27001 Lead
Implementer/Auditor or similar).
At least 8 years of experience in Information Security.
At least 3 years previous experience in managerial roles.
High proficiency in written and spoken English.
Experience working with cloud security and GRC tools, cloud access
security brokers (CASBs), and server virtualization technologies
Ability to share your specific expertise to the rest of the Technology group


Experience Required :

10 to 12 Years

Vacancy :

2 - 4 Hires

Similar Jobs for you

See more recommended jobs