Trainee - ESGC

. BASIC INFORMATION ON THE POSITION Position Name Trainee - ESGC Mandatory/Required Skills Location Location Mandatory/Required Skills PURPOSE OF THE ROLE To ensure Enterprise Risk management framework and Information Security Management System are effectively implemented in line with the business objectives KEY RESPONSIBILITIES AND ACCOUNTABILITIES 1. Extend support to Implement customer specific information security / enterprise risk related requirements 2. Coordinate and communicate with internal customers to ensure compliance of security / risk guidelines 3. Conduct audit to ensure compliance with customer risk / security requirements 4. Contribute towards customer audits ensuring successful completion 5. Participate in Customer calls when needed and understand customer expectations 6. Provide periodic updates on the implementation status 1. Document procedures and policies based on inputs provided 2. Support implement ISMS (Information Security Management System) framework. 3. Implement new security initiatives and improvements 4. Collect applicable measures and perform periodic analysis as per the measurement program 5. Provide updates periodically 6. Prepare Plan and conduct periodic internal audits 7. Track all internal/external audit findings to closure 8. Implement ERM and conduct risk based audit 9. Conduct surprise/ random audits and track findings to closure 10. Complete the assigned activities like Risk exception, reconciliation, VAPT, etc within the defined SLA 11. Participate in external audits by ensuring readiness of functions providing necessary support for successful completion 1. Understand, align with the goals, roles and responsibilities and provide updates about performance against the set goals 2. Train and mentor team members as appropriate 3. Upgrade competency (skills) in line with the current industry practices and business objectives EDUCATION QUALIFICATION BE/MBA ISO27001 lead auditor s certification CISA/ CISSP Certification (Preferred) PCI DSS Implementer certification MINIMUM EXPERIENCE REQUIRED 2-4 years relevant experience DOMAIN/ FUNCTIONAL SKILLS Knowledge of ISO27001 Standards ISO27005 Guidelines Knowledge of PCIDSS standard Knowledge of risk management (ISO31000) Understanding of organization s business and support processes Knowledge of IT Security, physical and environmental security and HR security controls Knowledge of regulatory requirements