• The ideal candidate would be agile, ability to perform duties independently under general, minimal supervision within specific assignments.

KEY RESPONSIBILITIES

• Be a key part of GRC projects, end to end from consulting to implementation
• Apply GRC fundamentals incorporated in various processes.
• Understands and document information systems and processes correctly.
• Engage with clients to understand relevant solutions and advise them
• Understands information security controls and how they relate to engagement requirements.
• Raise awareness for clients and internal team around GRC.
• Lead the system-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies, and regulations.
• Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
• Execute strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors

Education/Certifications:

• Bachelor’s degree in an IT-related discipline
• Working knowledge of frameworks standards and regulations, including PCI, ISO 27001/22301/9001/20000/DPR.
• Experience in conducting VAPT would an advantage.
• Possession of ISO 27001/22301/9001/20000 valid certifications.
• Possession of COBIT 2019, PIMS, CISA, CISM, CISSP would be an advantage
• 3-5 years of experience in an information systems environment, with strong knowledge of IT Governance and Systems Information Security.