Talent.com
Information Security Audit Manager

Information Security Audit Manager

HCLTechBengaluru, Republic Of India, IN
26 days ago
Job description

Position Summary - The position is a member of Risk & Compliance org within HCL Technologies. The DCO will be aligned to critical service delivery engagements and will be responsible for ensuring compliance in accordance to client, organizational & regulatory security requirements.

Key Responsibilities - Perform the following functions :

  • Lead and manage the internal assessment program, ensuring effective facilitation of assessments. Oversee the program's execution and conduct control testing aligned with established frameworks and standards, including ISO 27001, ISO 22301, ISO 27701, SOC 1 & SOC 2.
  • Maintain and update the enterprise risk register, ensuring accuracy and completeness of risk data, and develop consolidated risk views for reporting and analysis.
  • Design and prepare risk dashboards to visualize key metrics and trends, and present comprehensive status reports to senior management as part of the internal risk assessment program
  • Perform assessments of the in-scope facilities against relevant standards such as ISO 27001, ISO 22301, SOC.
  • Collaborate closely with various stakeholders to support the entire certification lifecycle.
  • Engage with relevant stakeholders to manage compliance requirements through awareness initiatives and regular interactions, ensuring users understand and comply with necessary procedures to maintain security.
  • Identify gaps and non-compliances, and work with relevant stakeholders to ensure timely resolution
  • Promote a risk-aware culture throughout the organization.
  • Assist in scoping and develop a calendarized schedule of activities for regular monitoring.
  • Adhere to a defined escalation matrix to manage identified risks.
  • Coordinate and facilitate to third parties for external audits.
  • Stay informed about the latest information security trends and threat landscapes to take proactive measures during assessments.
  • Keep management informed of critical issues that may impact customers, suppliers, or the company.
  • Introduce efficiencies to enhance existing programs.
  • Actively participate in other projects / initiatives as required.

Mandatory knowledge or skills -

  • Candidates should possess prior relevant experience in risk and compliance, along with appropriate certifications. Experience in handling ISO 27001, SSAE, and PCI requirements across various industries is preferable.
  • Additional experience with other standards and assessments such as ISO 27701, ISO 42001 and ISO 22301 is advantageous. A foundational understanding of regulatory and statutory compliance is essential.
  • Experience in managing merger and acquisition activities from an information security perspective is desirable. Candidates are expected to have 10 years of relevant experience in information systems audit / assessment and risk management (including risk assessment and remediation).
  • Sound knowledge of management reporting and dashboard creation is required.
  • Proficiency in independently handling projects with strong interpersonal and excellent communication skills is necessary. Candidates should demonstrate strong analytical, Familiarity and experience with managing small to medium initiatives, including timelines, status, interdependency, and risk management, is essential.
  • The candidate should be adept at assisting with the management of stakeholder needs and expectations, providing consistent and regular communications with support from management.
  • The ability to effectively balance multiple tasks through careful prioritization and to work collaboratively with others to produce a quality work product is required.

    • Education Qualification - Bachelor’s Degree - BE / B Tech / B.Sc, Master degree in any domain, preferably in Information Technology or Computer Science

    Certifications Preferred - Security Certifications like CISA / CRISC / ISO27001

    Attributes of Ideal Candidate –

  • Atleast 10 years’ experience, Relevant or minimum 8-10 years of experience in in the field of ISO 27001 & SSAE 18 / assessment and Risk management (risk assessment and remediation)
  • We are eager to discuss how your leadership skills and vision align with our organizational goals. Thank you once again for your interest in joining HCLTech.
  • Strong analytical, problem solving, organizational, documentation;

    • time management skills.

  • Candidate assists with management of stakeholder needs and expectations while providing consistent and regular communications with support from management
  • Candidate is able to effectively balance multiple tasks through careful prioritization
  • Candidate is able to work collaboratively with others to produce a quality work product
  • Proven ability to communicate with multiple stakeholders
  • Proven ability to manage output from multiple teams
  • Excellent spoken and written English
  • Good Report Writing and Analytical Skills
  • Proficient in MS Office
  • Good in Data Analytics, MIS, Inferences and self-scrutiny for continuous improvement
    • Create a job alert for this search

    Information Security Manager • Bengaluru, Republic Of India, IN

    Related jobs
    • Promoted
    Information Security Engineer

    Information Security Engineer

    InCred CapitalBangalore Urban, Karnataka, India
    We are seeking a highly motivated and independent Information Security Engineer to join.The ideal candidate will possess a broad range of technical and compliance expertise across various informati...Show moreLast updated: 16 days ago
    • Promoted
    Uniqus - Cyber Security Consulting Manager

    Uniqus - Cyber Security Consulting Manager

    Uniqus ConsultechBangalore, India
    Cyber Security Consulting Manager Job Description : Position Overview : The Cyber Securi...Show moreLast updated: 30+ days ago
    • Promoted
    Pixis - Head of Information Security - Vulnerability Management

    Pixis - Head of Information Security - Vulnerability Management

    PixisBangalore
    Description : Why Pixis ? We at Pixis believe that nothing is impossible, when you fail fast you learn faster, zero hierarchy, put the team above...Show moreLast updated: 17 days ago
    • Promoted
    Resillion - Cyber Security Manager / Architect - Security Operations Center

    Resillion - Cyber Security Manager / Architect - Security Operations Center

    ResillionBangalore
    Job Description Job Title : Cyber Security Manager / Architect.Experience range : 12-15 Years.Location : Bangalore (Hybrid Overview : <...Show moreLast updated: 30+ days ago
    • Promoted
    Trinity - DevSecOps Manager - Incident Management

    Trinity - DevSecOps Manager - Incident Management

    TRINITYPARTNERS INDIA LLPBangalore
    Designation : Manager Experience : 8 to 14 years The DevSecOps Manager plays a pivotal role in guiding Trin...Show moreLast updated: 30+ days ago
    • Promoted
    Program Manager (Information Security)

    Program Manager (Information Security)

    NaviBengaluru, Karnataka, India
    At Navi, the InfoSec team safeguards our digital ecosystem - ensuring the confidentiality, integrity, and availability of critical systems and data. We lead the charge on cyber risk management, regu...Show moreLast updated: 3 days ago
    Senior Manager - Information Security Trust & Compliance (Bangalore)

    Senior Manager - Information Security Trust & Compliance (Bangalore)

    First AdvantageBangalore, Karnataka, IN
    Quick Apply
    The role will own, lead, and scale large, multi-client GRC programs across diverse industries.This role will own the strategy and execution of a risk-based GRC approach that identifies, measures, m...Show moreLast updated: 30+ days ago
    • Promoted
    Pixis - Head - Information Security

    Pixis - Head - Information Security

    PixisBangalore, India
    Pixis is a global AI technology company transforming how brands plan, create, and optimize marketing.Our flagship marketing operating system, Prism, sits at the core of the Pixis platform, using AI...Show moreLast updated: 30+ days ago
    • Promoted
    Head of Information Security

    Head of Information Security

    PixisBengaluru, Karnataka, India
    Pixis is a global AI technology company transforming how brands plan, create, and optimize marketing.Our flagship marketing operating system, Prism, sits at the core of the Pixis platform, using AI...Show moreLast updated: 30+ days ago
    • Promoted
    Mashreq - Manager - Information Security

    Mashreq - Manager - Information Security

    Mashreq Global Services Private LimitedBangalore, India
    Management : - To Strategize, develop and implement Data Protection Controls in coordination with stakeholders across the Organization globally. To ensure compliance of the Organ...Show moreLast updated: 22 days ago
    • Promoted
    Senior IT Manager - Security Operations Center / IT Audit

    Senior IT Manager - Security Operations Center / IT Audit

    SKS EnterprisesBangalore
    Job Summary : We are seeking an experienced and strategic Senior IT Manager SOC / IT Audit to lead and oversee our enterprise-level Security Operatio...Show moreLast updated: 30+ days ago
    • Promoted
    Observe.AI - Infrastructure Security Leader - Incident Management

    Observe.AI - Infrastructure Security Leader - Incident Management

    Observe.AIBangalore
    AI Observe.AI is the leading conversation intelligence platform for boosting contact center performance.Built on the industry's most accurate AI engine that anal...Show moreLast updated: 30+ days ago
    • Promoted
    Pixis - Head of Information Security

    Pixis - Head of Information Security

    PixisBangalore
    About us : Pixis is a global AI technology company transforming how brands plan, create, and optimize marketing.Our flagship marketing operating system, Prism, sits a...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Manager - Information Security and System Audit

    Senior Manager - Information Security and System Audit

    sliceBengaluru, Karnataka, India
    The individual will be responsible for executing IT security audits, ensuring adherence to ISMS and ITGC controls, and identifying potential security risks. The role involves conducting security ass...Show moreLast updated: 8 days ago
    • Promoted
    Nextiva - Information Security Auditor

    Nextiva - Information Security Auditor

    NextivaBangalore
    Description : The Information Security Auditor will work across the organization to ensure Nextivas complian...Show moreLast updated: 24 days ago
    • Promoted
    Information Security Architect - Threat Modeling

    Information Security Architect - Threat Modeling

    Digihelic Solutions Private LimitedBangalore
    Description : Job Role : Information Security Architect.Experience Required : 7 to 9 years.Key Responsibilities : - Des...Show moreLast updated: 17 days ago
    • Promoted
    Amadeus Labs - Senior Specialist - Information Security

    Amadeus Labs - Senior Specialist - Information Security

    Amadeus LabsBangalore
    Description : Job Title : SENIOR SPECIALIST INFORMATION SECURITY.Summary Of The Role : Youll play a key role in en...Show moreLast updated: 30+ days ago
    • Promoted
    Information Security Lead

    Information Security Lead

    Narayana HealthBengaluru, Karnataka, India
    The Information Security Lead will be responsible for developing and implementing the organization’s information security framework to safeguard patient data, clinical systems, and enterprise IT in...Show moreLast updated: 30+ days ago