Manager/ Sr. Manager - Risk Operations IT-Risk & Compliance
Role Holder Requirements:
Graduate degree and/or MBA, or other equivalent qualification.
10 to 15 years experience in IT out of which more than 8 years in IT Risk Management/Information Security.
Desirable Certifications: CISA/CISM/CISSP/ISO27001LA/CRISC
Expertise in all aspects of Risk Management including identification, analysis, mitigation, reporting, awareness, Incident Management and Response, GRC, audit and compliance.
Must possess excellent team and vendor management skills, and proven ability to communicate IT Risk posture to executive management by means of ongoing reporting, tracking, monitoring etc.
Experience in managing strategic outsourcing projects especially in the information security domain
Experience in driving pan-organization initiatives and managing large programs
Knowledge of GRC tools and automation of risk management processes
Proven ability to develop KPIs, Metrics, Dashboards, Heat maps etc. for monitoring and reporting risks for operational as well as senior management consumption
Experience in maturing various operational processes to increase their efficiency and effectiveness
Knowledge of risk assessment of Business and IT processes, BCP/DR, projects etc. and developing suitable mitigation plans for the same.
Understanding of technical risks and experience in overseeing assessments such as VA/PT/Appsec/Security Architecture review etc.
Experience in tracking latest threats and responding to them in a timely manner.
Knowledge of Advanced Persistent threats (APT), Anomaly Detection systems, SIEM, Log management solutions
Knowledge of Identity & Access Management, Privileged identity and access management, Data security products such as DLP, Digital Rights Management (DRM), Data Base Activity Monitoring (DAM) etc.
Exposure to software license management and compliance processes
Sound understanding of Data, Application security and secure SDLC framework
Experience in managing Security Operations Center (SOC) and Incident response
Demonstrate collaborative work ethics and enterprise-wide mindset in the performance of duties.
Ability to drive change across various business and technology functions
Promote a strong culture of control awareness and risk mitigation in all dealings with the Technology and Business.
Provide focus and clarity in establishing individual goals, driving performance management, supporting career development and rewarding strong performance.
Excellent communication and presentation skills
Well-developed impact and influence skills
Proven track record of building strong relationships across business functions
Strong vendor management skills