Description
Job type : Contract
Job location : Stockholm, Sweden
Role : GRC Consultant
Details :
KEY RESPONSIBILITIES & JOB DESCRIPTION
• Proven experience in leading and executing compliance & risk management processes
• Well versed in, and hands-on experience with, defining, establishing and implementing policies, processes and controls for compliance and certification to ISO 27001
• Strong foundation & experience on data privacy specifically catering to the requirements outlined in GDPR
• Experience in conducting Privacy Impact Assessments, Security Breach management & executing privacy controls
• Expertise in Risk Management including conducting risk assessments, gap analysis and remediation
• Perform testing of internal controls specified in Information Security Policies and perform internal audit reviews to assess the effectiveness of current information security controls
• Experience in end to end ISAE 3402 SOC reporting
• Experience in performing remediation activities based on gaps found in audit reviews
• Conducting regular training on Client Security Policy and Standard requirements.
• Experience in working on OneTrust for data privacy & RSA Archer functional knowledge
• Present reports and recommendations on information security and related issues
• Ensure timely and effective corrective actions are taken to correct deficiencies and provide status reporting.
• Liaise with security & operational teams to ensure confidentiality, integrity & availability of customer information
• Excellent understanding & experience in IT infrastructure management which includes Networks, Data Centre Operations, Service Management/Service Desk, Server Management etc.
• Regulations Knowledge: SOX ITGC, GDPR, UK DPA, Privacy Shield
QUALIFICATIONS
B.E/B. Tech (IT, CSE, Electronics) with MBA preferred. Candidates with the following certifications will be preferred:
• CISA/CGEIT/CISM/CISSP/CIPP/CIPM/CISSP
• ISO 27001 Lead Auditor