Third-Party Risk Management (TPRM) - Information Security Senior Consultant
₹150000-250000 INR
Kiszállításkor fizetve
Job Description:
Key Responsibilities:
• Performing risk assessment for business applications, business processes, and specific scenarios (when outsourcing is considered, for critical changes, prior to projects, and when considering a new product or technology) following our Information Security Risk Management Methodology.
• Participate in Security Assessments/Compliance of infrastructure, systems and applications, changes and provide required advise from risk perspectives
• Work on improvements for provided security services, including the continuous enhancement of existing risk practice and methodology material.
• Work on measuring the effectiveness of Risk KPI/KRI and work to improve it on regular basis.
Experience / Competency:
• Prior experience in conducting information security asset based risk assessments taking into account asset value, threat-vulnerability, likelihood, and impact.
• Prior experience in conducting risk assessment for business applications, databases, servers, network devices, mobile applications.
• Prior experience in conducting project risk assessment and new technology / IT change risk assessments.
• Prior experience defining vendor risk framework and conducting vendor / third party risk assessments.
• Understanding of ISO 27001, ISO 31000, OCTAVE, NIST risk management methodologies.
• Understanding of threats, vulnerabilities, IT network architecture, security controls and solutions.
• Ability to understand VA/PT and any other technical assessment findings and provide recommendations.
• Good understanding of secure SDLC, cryptography
• Good understanding of BCM, IT DR with perspective of addressing cyber security risks.
• Experience with risk assessment in banking sector is desired and preferred.
• Ability to develop quality reports and presentations
Projektazonosító: #34409044
A projektről
5 szabadúszó tett átlagosan 195000₹ összegű árajánlatot erre a munkára
I am a Cyber and information security expert and I have passed CEH. I invest my time and skills to help people protect their businesses from Cybercriminals. My specialties are 10+-years of experience, Information Secur Továbbiak
Dear Sir, I am lead auditor iso 27001. I have done may project worldwide related information security controls. I would like to know about organisational scope & application detaisl
Hi, I am cyber security certified professional having extensive experience in assessing projects related to security. Please let me know if we can chat more on this. Thanks,