Manager – IT Risk Management (ITRM)
Deloitte Technology’s (DT) ITRM service area helps Deloitte to manage the risks generated using IT in an effective, efficient, and agile manner, providing stakeholders assurance that residual risks are operating within the organization’s risk appetite.
Service Line: Audit & Certification
Audit & Certification is the single point of coordination for all audit and certification management activities in the first line of defense for Deloitte Technology.
Audit & Certification works closely with other Global and member firm IT stakeholders, leadership, external and internal auditors to manage IT audit and certification processes to demonstrate effective operation of Deloitte controls.
Work you’ll do
As a Manager, Audit & Certification you will be responsible for the maintenance of Deloitte Technology (DT) industry standard framework assessments and certifications. You will collaborate with Global and member firm IT groups to demonstrate effective operation of DT controls, via DT IT certifications for operations, security, infrastructure, shared services and applications.
The role is a subject matter expert in information security processes, standards, and audit frameworks (e.g., ISO, COBIT, SOC 2).
Key responsibilities include:
Coordinate internal and external audits and assessments, including but not limited to ISO 27001, 27017, 22301 and SOC 2; liaise with external and internal auditors and assist in driving closure of open non-conformities
Manage and continually improve the DT ISMS (Information Security Management System) and related processes, e.g., IT risk assessment, metrics reports, awareness and compliance to DT policies and standards
Support leadership meetings, including Management Review, ISMS Security Forum
Liaise with Cybersecurity, Global Technology Infrastructure (GTI), Portfolio & Solutions (P&S), Global Risk, Internal Audit, global and member firm risk leaders to support compliance of DT ISMS
Represent Cybersecurity GRC A&C in GTI, P&S initiatives, including standard development, design of compliance programs, and Global Target Operating Model
Manage independent assessment programs to support the identification of control enhancements in end-to-end processes, recommend remediation actions, and share best practices with DT, member firms
Work directly with the second line of defense to understand root causes, process deficiencies, and control failures for the non-conformities and bring them to closure using the continual improvement process
Contribute to, produce and maintain processes, procedures, operational documentation as well as drive continual improvement initiatives to align technology risk posture to Deloitte’s risk appetite
Effective relationship-building, communication, presentation, and interpersonal skills; prepare leadership communication materials, facilitate, document, follow up on open items from meetings and Audits
Ability to identify and deliver improvement opportunities
Report breaches in information security or policies
Leverage available technical resources/tools to research; expand IT risk knowledge to enhance work product, remain up to date on member firm and business hot topics while sharing IT risk knowledge where applicable
Create metrics reports related to A&C scope, tailored to audience
Strong planning skills, effectively manage and execute multiple activities with minimal customer disruption and within agreed-upon requirements
Coach, manage and train team of managers and/or staff personnel as needed
Build relationships with member firm and DT contacts across all levels
Foster a diverse and high-performing team with appropriate competencies
Required Education, Qualifications, and Experience:
Bachelor’s degree or equivalent experience
10+ years of information security management system audits and compliance certification and/or infrastructure operations experience
At least 5 years leadership experience in a large global enterprise environment managing teams
At least 5 years of people management experience, proven leadership and coaching abilities
Proven track record of managing internal and external audits
Ability to lead in complex situations that require significant judgment and discretion
Ability to form long-term, strategic relationships and cultivate a network across Deloitte
Ability to influence decision-making through high-level data analysis
Ability to critically analyze results to detect trends, errors, anomalies or conflicts, and to relate analysis to business strategy and process
Strong understanding of audit frameworks & technical standards
Knowledge of significant global security and privacy laws and regulations (e.g., GDPR)
Excellent verbal and written communication skills
Effectively prepare presentation and business material; and succinctly document internal processes
Preferred:
Certification in at least one of the following: ISO 27001 Lead Auditor/Implementer, CISA, CRISC, CISM, CGEIT, CMMI, PMP