Job Title: Cyber Security Specialist TRO GRC (ERM).
Roles & Responsibilities:
Experience, Education, Skills, Licensure, or Training Required:
The cybersecurity specialist must be self-motivated, be a great team player who values results,
be professional, and be well-rounded technically. Should be able to guide and conduct audits across
cybersecurity frameworks such as ISO, CMMC, CMMI, and FAIR (Factor Analysis of Information Risk). Ability
to conduct risk assessments and audits to support the above frameworks. Work with all business
units, IT departments, and third parties, guiding areas of process improvement surrounding
policies, procedures, and standards for the above frameworks.
• Interface with team members, departments, and outside associates. Can work directly with all levels of
management and other corporate team members in person as needed.
• Work with all levels of users and management, while being able to understand business needs
and communicate the necessary IT security and compliance requirements.
• Have extensive knowledge of the development of enterprise-level policies, standards, and procedures,
and the ability to determine what is needed and communicate it professionally in writing.
• Learn to analyze software, networks, and scan data to identify vulnerabilities in support of compliance
requirements.
• Assist with and implement process improvements to support IT security, IT, and GRC requirements in
support of risk and compliance audits.
• Oversee, develop, and provide guidance where needed for compliance requirement programs, risk
assessments, and audits.
• Prior experience defining a risk management framework and leading its implementation.
• Needs to understand common risk management frameworks and risk assessment approaches.
• Identifies key risks in business units and sites, and actions to mitigate these risks.
• Identifies operational control weaknesses.
• Has rolled out risk management across business units periodically.
• Monitored remediation programs, ensuring root causes of operational risk issues
• Review and develop risk policies in accordance
Preferred Experience/Skills:
Candidate must have 5-6 years’ experience managing enterprise-level security audit and compliance
and/or risk management programs with successful results. This person must communicate well with
management and above, both verbally and in writing, while balancing business needs and security
requirements. Experience working in the “Big Four” auditing firms or other risk management
preferred.
Education: Graduate/postgraduate degree in any discipline. Certification in CISA; auditor certification in
ISO 27001, CMMI, CMMC.