This job posting is no longer active.
Location: Bangalore, KA, India
Job ID: 1000650
• This position will give an opportunity to work for Information Security Governance on information systems, processes and technologies within the organization.
• This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines and US
• This position will report to the Manager or Assistant Manager, Information Security and is expected to work independently on tasks assigned.
• This position requires:
o Hands-on experience in implementation of Security Governance framework.
o Experience in performing Security audits and Risk Assessments in line with Information Security Standards (like ISO 27001) for Business processes and IT systems.
o Understanding on Legal & Regulatory requirements such as Data privacy, Intellectual property safeguards, Records Management etc.
o Knowledge about latest regulations, compliance, standards and procedures such as GLBA, SOX, ISO27000 Standards, CoBiT, COSO, FFIEC, etc.
o Ability to conceptualize Security Governance framework and have eagerness to assist Management with creation and implementation of Security Governance Policy Framework.
o Excellent verbal and written communication skills with a demonstrated ability to build and maintain relationships within the organization
o Ability to prepare Management Reports highlighting the security posture of the organization with regards to various security metrics defined inline with Enterprise Risk Management framework
o Strong proficiency in Microsoft Office applications (MS Excel, Word, PowerPoint etc.) with a general understanding of data analysis techniques
o Excellent organizational, skills, detail oriented, logical, and systematic with the ability to multi-task and drive projects to successful conclusion; must be able to gather and interpret relevant information; must have experience presenting conclusions in a clear and concise manner; with ability to work in a high value and strict deadline environment
o Certifications such as ISO27001 LA, CISA or equivalent would be an additional advantage.
Job Functions and Responsibilities:
• Perform security reviews, evaluations, risk assessments, and monitoring on a regular basis to ensure exceptions and violations are identified and addressed during desktop and onsite audits
• Perform and oversee Information Security Policy Framework
• Recommend appropriate corrective actions and remediation plans for risks identified
• Assist in developing the implementation of risk mitigation measures
• Create and manage multiple dashboard reporting mechanisms to facilitate improved communication and to allow for measurement of progress between senior management and its specific vendors as well as internal business leadership
• Create and manage the information security opinions to ensure due diligence and recommend approaches for IT audits, signing of vendor contracts and RFP processes
• Work with the Business functions to ensure security opinions are in-line with Ocwen's risk management and information security policies
• Plan and execute vendor IT and Security audit programs in-line with Ocwen's risk management policies
• 3-5 years of progressive experience in one or more of the following: internal/external IT and business process auditing, sourcing advisory, vendor management roles
• Bachelor’s degree from an accredited college / university. Management degrees MS, M. Tech or MBA in relevant field would be an added advantage.
• Preferred Certifications
o Certified Information Systems Auditor (CISA) or ISO 27001: 2013 LA
• Demonstrated experience in conducting vendor assessments and risk reviews
• Experience in Information Security and/or BCP/DR with an audit perspective
• Demonstrated experience in a multi-vendor environment and Project Management role preferred
• Understanding of various cloud models including Amazon, Azure, Oracle and Cloud Security.
• Knowledge and understanding of current DR planning techniques, industry standards and methodologies including BIA process, risk analysis procedures and RTO/RPO measurements preferred
Training / Licensing Requirements: (only add if needed)
Work Schedule: 2 PM to 11 PM / 5 PM to 2 AM