Description

You will own security governance and risk assessment activities for technology systems.

Responsibilities

• Review technical design documents to identify security risks and recommend appropriate controls.
• Assess projects, infrastructure, cloud applications, and vendor solutions against security and compliance requirements.
• Conduct risk assessments across applications, networks, and systems, tracking and recommending remediation.
• Translate technical, legal, and compliance obligations into actionable security controls.
• Validate control designs and test effectiveness post-deployment, reviewing VA/PT results.

Required Skills

• 5+ years of experience in GRC or security consulting.
• Knowledge of ISO 27001/22301/27005, SOX, ITGC, SOC1/2, and OWASP Top 10.
• Expertise in Cloud Security (SaaS, IaaS, PaaS) and on-premise infrastructure security.
• Proficiency in DevSecOps practices and secure application development.
• Experience with Network, Data, Endpoint Security, and IAM implementation.
• Familiarity with Business Continuity and Disaster Recovery principles.
• Ability to enforce security standards across project and support teams.

Key Skills

Education

Any Graduate