Manager - information risk management & security

As a Manager in Information Risk Management & Security, you will be responsible for providing governance and oversight support for SOC-based HITRUST and PCI certifications and attestations. Your role will involve consultative support to business units regarding SOC HITRUST and PCI DSS controls, as well as support for SOC PCI DSS HITRUST and internal risk assessments across business and affiliates. It is essential for you to have knowledge of privacy laws, security standards, rules, and regulations to effectively carry out your responsibilities. Key Responsibilities: - Utilize your background in security audits and assessments to ensure compliance with relevant standards. - Coordinate and oversee the audit assessment lifecycle, including initiating, scoping, planning, execution, remediation, and certification. - Administer and maintain information systems used to govern SOC HITRUST and PCI DSS assessments. - Communicate proactively and in a structured manner to ensure situational awareness among impacted stakeholders. - Provide consultation to business units and other stakeholders on audit controls, security standards, scoping, and facilitate consultation with third-party assessment firms. - Govern the HITRUST Certifications program, including third-party assessor management, maintenance of program policies, standards, procedures, facilitation of program improvement processes, and management of program governance information systems. - Collaborate with security audit and IT teams to optimize assessment activities and maximize efficiency while maintaining quality and integrity of assessments and audits. Qualifications Required: - Minimum 5 years of experience in an information security or related field, with expertise in governance, information risk management, and security audits and assessments. Additional Information: The company is in the ITES/BPO/KPO industry, focusing on ITES/BPO/Customer Service. The role requires a Graduation degree and offers full-time, permanent employment. Key Skills: - GO-TO-MARKET (GTM) STRATEGY & PLANNING - SOC - CYBERSECURITY - SECURITY OPERATION CENTRE If you are passionate about information risk management and security, and possess the necessary experience and skills, we encourage you to apply for this challenging opportunity. As a Manager in Information Risk Management & Security, you will be responsible for providing governance and oversight support for SOC-based HITRUST and PCI certifications and attestations. Your role will involve consultative support to business units regarding SOC HITRUST and PCI DSS controls, as well as support for SOC PCI DSS HITRUST and internal risk assessments across business and affiliates. It is essential for you to have knowledge of privacy laws, security standards, rules, and regulations to effectively carry out your responsibilities. Key Responsibilities: - Utilize your background in security audits and assessments to ensure compliance with relevant standards. - Coordinate and oversee the audit assessment lifecycle, including initiating, scoping, planning, execution, remediation, and certification. - Administer and maintain information systems used to govern SOC HITRUST and PCI DSS assessments. - Communicate proactively and in a structured manner to ensure situational awareness among impacted stakeholders. - Provide consultation to business units and other stakeholders on audit controls, security standards, scoping, and facilitate consultation with third-party assessment firms. - Govern the HITRUST Certifications program, including third-party assessor management, maintenance of program policies, standards, procedures, facilitation of program improvement processes, and management of program governance information systems. - Collaborate with security audit and IT teams to optimize assessment activities and maximize efficiency while maintaining quality and integrity of assessments and audits. Qualifications Required: - Minimum 5 years of experience in an information security or related field, with expertise in governance, information risk management, and security audits and assessments. Additional Information: The company is in the ITES/BPO/KPO industry, focusing on ITES/BPO/Customer Service. The role requires a Graduation degree and offers full-time, permanent employment. Key Skills: - GO-TO-MARKET (GTM) STRATEGY & PLANNING - SOC - CYBERSECURITY - SECURITY OPERATION CENTRE If you are passionate about information risk management and security, and possess the necessary experience and skills, we encourage you to apply for this challenging opportunity.