Senior Executive

Roles& Responsibility

• Develop and implement security policies, procedures, and controls to mitigate identified risks and ensure vendor compliance with organizational standards.
• Conduct thorough risk assessments of potential and existing third-party vendors to identify potential vulnerabilities and threats.
• Continuously monitor the vendor performance, including adherence to contractual agreements and security controls, and taking corrective action when necessary.
• Administer & Coordinate with the functional stakeholders for smooth implementation and monitoring of Risk & compliance systems
• Review, maintain and continual improvement of Risk Management requirements as per Omega Healthcare Standards and industry wide best practices.
• Serve as Internal Risk management consultant to the organization. Responsible for security planning and effectively managing information security and operation risk risks within the operating environment.
• Initiate, facilitate, and promote activities to create Risk Management awareness within the organization.
• Facilitate cross functional department SPOC to review their Policies and procedures document and other Risk and Compliance activities
• Provide regular updates to management on the status of third-party risk and communicate potential risks and mitigation strategies to relevant stakeholders.
• Warrant appropriate methodologies for various processes of Compliance systems, e.g., risk assessment, risk treatment, document classification, etc.
• Develop engaging content and maintain communication channels to create and conduct Information Security Awareness training and event
• Develop the event strategy, calendar, manage event logistics and budget.
• Coordinate with other departments and stakeholders, analyse event effectiveness and identify areas for improvement
• Need to have exposure to Client Questionnaire, Vendor Risk Assessment, RFP/RFI

Qualification

• Any graduate with good communication skills
• Overall IT experience of 5 to 10 years, with a minimum of 7 years in IT Security, Audit, or Compliance roles.
• Strong understanding of risk management principles and practices.
• Experience with conducting risk assessments and developing security policies.
• Ability to work independently and as part of a team.
• Proficiency in relevant software and tools (e.g., TPRM platforms, GRC tools)
• Experience of regulations/standards/frameworks like ISO 27001, 9001, HIPAA, HITRUST, HITECH, SOC1/2, NIST, PCI-DSS etc.
• Certifications like ISO 27001, CISA, CISM, CRISC, PCI-DSS is an advantag