Location: Remote, IN – Remote, IN
Company: Qualfon
Job Summary
Director – Information Security (GRC)
The Director of Information Security is responsible for managing all Risk, Compliance and Assurance activities for all offices within Qualfon. This position manages information security activities for Qualfon's global offices. This includes conducting and managing internal audits and risk assessments, participating in external audits such as PCI-DSS and SOC2, identifying risks, responding to security incidents, ensuring compliance with relevant regulations, and driving continuous improvement in our information security practices.
The Director – Information Security (GRC) will have a global team reporting to him / her and will be the central point of contact and go-to person for stakeholders on all security and privacy matters. He / she will be primarily responsible for translating business needs into security requirements.
MUST be able to support US eastern time zone.
Education
Minimum requirements (Education Qualification)
Qualification Required: Bachelor’s degree in computer science, information technology or other related major required
Certification desired: CISA, CISM, CISSP, CRISC or similar
Role
Act as a central point of contact for the information security and data protection activities
Lead, manage and improve security Risk, Governance and Data protection program for Qualfon Global Offices
Coordinate external audits such as SOC2 & PCI-DSS and manage customer assessments of Qualfon
Develop Risk and compliance strategy in alignment with business requirements, objectives and metrics
Translate legal, statutory and contractual obligations into a cohesive collection of processes and provide the respective stakeholders with the compliance requirements and methodologies
Use key business measurements to identify and drive process improvement opportunities for compliance and risk management
Review and update security policies and standards on a regular basis to address new threats, new industry practices, requirements and standards based on security and compliance requirements
Coordinate regular system and network audits, reviews, and tests to verify compliance with security policies and standards
Monitor internal and external security advisories that impact security, risk and compliance requirements
Support the implementation of security controls and recommend areas for risk reduction
Support RFP and contractual agreements process in assessing security requirements from potential customers
Assist and improve security awareness program
Assist and improve governance activities
Evaluate suspected security breaches, work with subject matter experts, and recommend corrective actions
Align and provide security metrics to Global Chief Information Security Officer on a periodic basis
Review the Data protection processes and controls implemented by various stakeholders
Provide recommendations on implementing technical and process controls from a privacy point of view
Provide periodic reports to the management on the effectiveness of the implemented controls and gaps (if any)
Other Skills and Experiences (Min)
Skills and Experience Required:
10-15 years of experience in information security, compliance, audit and / or risk management
Sound knowledge of security legislation / industry standards such as SSAE16 / SOC2, ISO 27001, PCI-DSS, HIPAA etc. desirable
Knowledge of security issues, trends, best practices
Familiarity with audit, business and segregation of duties, risks, and controls
Ability to foresee and identify mitigation strategies for risks
5+ years of applicable experience in working in enterprise risk management, risk management frameworks, concepts and methodologies
5+ years of experience with internal controls and performing risk assessments
Proficiency in interfacing with business leaders at various levels including middle and senior management