Information Security Risk Management and Compliance (GRC)

JD for Consultant (Information Security Risk & Compliance)

KEY RESPONSIBILITIES & JOB DESCRIPTION

• Review of policy and procedure with implementation across organization
• In depth knowledge of risk management with good knowledge of handling external and internal risks
• Work with cyber risk quantification and integrate with existing risk management process 
• Should be able to quantify risks and define criticality.
• Work with the internal teams to build on an existing information security program and ongoing security projects that address information security risks and compliance requirements.
• Monitor and report on compliance with security policies, as well as the enforcement of policies.
• Ensuring operational compliances with regulations such as ISO 27001, ISO 22301, PCI-DSS, Data Privacy etc.
• Identifying risk and compliance posture of the client environment by reviewing reports such as: Vulnerability & Penetration testing, Patch Mgmt. Application Security. Cloud Security etc.
• Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
• Execute information security assessment, business continuity assessment, risk assessments pertaining to Airtel environment.
• Execute technical risk assessments around applications, control testing etc.
• Ensure security by design
• Ensuring operational compliances with data privacy regulations like GDPR and guiding the delivery managers on privacy by design and security by design principles

SKILLS

• Minimum 5 Years in Information security risk management and compliance role
• Expertise in delivery of risk and compliance advisory services 
• Excellent technical capabilities around information security, business continuity and technology risk assessments
• Good compliance understanding of industry domains such as ISO 27001, ISO 22301, GDPR etc. 
• Excellent written and verbal communications skills

QUALIFICATIONS

B.E/B.Tech with MBA preferred. 

Mandatory Industry Certifications:

• CISA/CISM/CISSP
• ISO 27001 & ISO 22301 Implementer, Lead Auditor

WORK LOCATION

Gurugram

We are a fun-loving, energetic and fast growing company that breathes innovation. We strive to give an unparalleled experience to our customers and win them for life. One in every 24 people on this planet is served by Airtel. 

Here, we put our customers at the heart of everything we do. We encourage our people to push boundaries and evolve from skilled professionals of today to risk-taking entrepreneurs of tomorrow. 

We hire people from every realm and offer them opportunities that encourage individual and professional growth. We are always looking for people who are thinkers & doers; people with passion, curiosity & conviction; people who are eager to break away from conventional roles and do ‘jobs never done before’ .