Analyst, IT Compliance

About TresVista

TresVista is a global enterprise whose business model is built to deliver enduring value. TresVista combines best practices, technology-enabled execution, and industry-leading talent to drive meaningful results. By integrating advisory capabilities with scalable delivery, TresVista helps clients operate smarter and grow stronger. TresVista's services include investment diligence, industry research, valuation, fund administration, accounting, and data analytics.

Department Overview

The Compliance department at TresVista plays a pivotal role in improving firm's risk posture and safeguarding the firm’s equity value by ensuring adherence to Compliance standards, internal policies and industry best practices. As strategic partners to business teams, we enable risk-aware decision-making, proactively identify potential risks, design effective controls and promote a culture of Compliance and accountability. Joining the Compliance team means working on high-impact processes and initiatives that contribute directly to the firm’s resilience, reputation and long-term success.

Key Role Deliverables:

• Facilitating ISO and SOC 2 corporate-wide examinations
• Assisting special compliance and audit related projects as assigned
• Assisting internal VAPT audits and sharing the reports with the management
• Planning and conducting testing to confirm continuous efficiency and effectiveness of information system controls
• Understanding the business and IT infrastructure including applications and servers through interactions and walkthrough
• Managing and measuring the IT Security Framework and developing and maintaining a technology risk assessment program for business applications and processes
• Collecting information and reviewing information systems policies, standards and procedures to verify that they address the organization's internal and external requirements and to identify information systems control deficiencies
• Performing a root cause analysis of the various risks/ incidents identified and development of solutions to mitigate the risks and the flow of data and information and performing a threat and risk analysis of each process
• Assisting with development and implementation of corporate compliance procedures and controls
• Keeping the department updated with the latest technological changes and cybersecurity advancements
• Reviewing of Business Impact Analysis, Risk Assessment, Current State Network assessment and Recovery Strategy Analysis

Prerequisites:

• Attention to detail
• Good understanding of IT and network security
• Experience of working in cyber security risk management preferred
• Excellent time management skills preferred
• Ability to work well under pressure with tight deadlines while delivering high quality and output

Experience

1-3 years

Education

• BE/ B.Tech or equivalent specialization in IT are preferred
• One or more of the following information security certifications or advanced degree in information security/cybersecurity: CISSP/SSCP/CISM/CRSC/CISA/HISP or equivalent
• CEH V11 or other equivalent Ethical Hacker degree is preferable

Compensation

The compensation structure will be as per industry standards