- Assist in implementing, maintaining, and managing security compliance frameworks, including ISO 27001, PCI DSS, SOC 2 Type 2, GDPR, DPDPA and other regulatory standards.
- Act as a liaison with product vendors, conduct Proofs of Concept (POCs), and generate reports on findings.
- Be the conduit between Customer Audit teams and Indusface internal teams.
- Represent the organization for 2nd party audits by customers.
- Third-party risk management audits.
- Assist in conducting internal security audits to identify risks and ensure compliance with organizational policies.
- Assist in performing risk assessment and management, identifying vulnerabilities, and recommending mitigation strategies.
- Be a versatile player for security compliance, addressing queries and ensuring adherence to best practices.
- Assist in preparing and delivering internal presentations on the organization's security posture and compliance status.
- Assist in developing, reviewing, and updating security policies and procedure documents to align with industry standards.
- Manage and maintain the security review and audit charter, ensuring all compliance activities are

Profile:
- Bachelor's degree in Information Security, Cybersecurity, IT, or a related field.
- 5+ years of experience in security compliance, risk assessment, or IT security audits.
- Knowledge of ISO 27001, PCI DSS, and other compliance frameworks.
- Experience conducting risk assessments and internal audits.
- Ability to analyze security risks and recommend mitigation strategies.
- Documentation and policy-writing skills.
- Excellent communication and presentation skills.
- Ability to work independently and collaborate with cross-functional teams.
- Exposure to GRC tools is needed.
- Certifications such as CISSP, CISA, CISM, or ISO 27001 Lead Auditor.
- Hands-on experience with security tools and technologies.
(ref : iimjobs.com)