Job
Description
Experience in Internal Control, General Computer and Application Control Audit background. Knowledge and experience in various Information security standards / regulations / best practices (ISO-27001, COBIT, PCI-DSS, GDPR, HIPAA, SOC2, etc. Knowledge of efficient way to protect the system, networks, software, data and information systems against security threats. Experience collaborating with a team of security experts in a diverse set of security topics including, but not limited to, security architecture, financial controls and regulatory compliance, identity and access management, data loss prevention and privacy Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Good understanding of, and experience with Information Risk Management, IT Security and Compliance and Security Controls and Audit. Understanding of internal and external IT security standards, SOX, PCI, SOC2/1, ISO27001 standards and relevant legal compliance aspects Good understanding of cloud security requirements and third-party control assurance. Ability to interface with different groups (Third parties, Business and IT) internal and external to IT (security) and to network globally across Group businesses, as well as with external groups. Experience collaborating with a team of security experts in a diverse set of security topics including, but not limited to, security architecture, financial controls and regulatory compliance, identity and access management, data loss prevention and privacy Preferred technical and professional experience Knowledge of Data Security StandardsPCI DSS, Privacy Principles Driving Platform / Application security and compliance Ability to foresee and identify mitigation strategies for Risks & Analytical and problem solving skills
