Job Description :

· Review and update of the information asset register in accordance with RBI, UIDAI and ISO 27001:2013 requirements

·Review the classification levels of data, maintaining risk register and tracking.

·Create and Managing the KRI matrix and thresholds as per compliance, technology, policy and process

·Conduct Data privacy or PII reviews with intra department for PII protection for customers and employees

·Conduct policy and process risk assessment of vendors, while on boarding, evaluation and to monitor, and maintaining the same.

·Provide assistance in IT security product & services risk assessment during evaluation and procurement.

·Track the annual review, changes of all policies and procedures, draft and update/consolidate to policy documents as needed.

·Assist in preparing decks/updates for committee meetings and other management review decks.

·Review the reports and alerts and ensure to close with service groups

·Access Control Reviews for cloud, application and infrastructure.

·Comprehensive risk assessment and control testing to be carried out annually and sustenance.

·Assist in conducting the various simulations and campaigns for awareness and maintain measure the effectiveness

·Assist in Information security projects implementation

·Conduct access control, change management and other process level reviews

·Timely escalation to right stakeholder, if any deliverable is at risk.

·Working closely with IT and other business function of the organization for IS assessments and various risk review activities.

If you are interested and looking for an immediate job change, please share your resume at sagar.kaushik@northernarc.com