News

Job Description :

- Carry out internal audit for IT infrastructure / support function based on unified compliance: ISO 27001, NIST, CSA
- Competent with best industry standards, regulations, framework requirements: ISO 27001, NIST, Cyber Security Framework, Cloud Security Alliance, Privacy.
- Develop and design policy, procedure, templates guidelines based on industry standards / regulation/ framework.
- Understand scope and schedule internal audit plan calendar.
- Conduct internal audit based on calendar plan and assess effectiveness and efficiency of controls implemented.
- Conduct and review cloud architecture / infrastructure / applications and highlights risks and mitigation controls.
- Review network configuration (firewall, IDS, IPS) and highlights risks and gaps.
- Publish report to stakeholders / management and follow up till closure.
- Excellent communications, documentations and presentation skills to management.
- To devise a mechanism for bringing improvements to security posture based on RCA/Trend analysis of (Internal and External) audit reports. Track and measure the improvements to closure for critical risks.
- Prior experience of at least 5 years in InfoSec Audit program management is a must.
- Should have managed highly technically skilled teams.
- Should also be an independent contributor at times.
- Exposure to ISO 27001, NIST, CSA implementation experience in large enterprise/Service provider environment.
- Good understanding of Application and IT infrastructure.