Mexico City
Full-time employee
English level: Advanced
Skills and attributes for success
- Hands-on experience of more than 5 years with key components of cybersecurity including (but not limited to):
  - Third Party Risk Assessments
  - Cyber Strategy & Governance, Cyber Transformation, Cyber Dashboarding
  - Regulations/standards such as ISO 27001, NIST 800-53, PCI DSS, HIPAA, HITRUST, GDPR, CCPA, COBIT, OWASP Top 10, etc.
  - Business Continuity & Disaster Recovery
- Must have experience in client-facing roles, performing third-party risk assessments and conducting interviews with third parties.
- Should have experience in assessing different kinds of environments (IT and non-IT) and should be able to apply cyber security and resiliency concepts in all these sectors.
- Experience in handling multiple vendors across various sectors such as logistics, manufacturing/factory, assembling/integration and warehousing is an added advantage.
- Must possess the ability to handle discussions with stakeholders independently.
- Should be able to efficiently lead kick-off calls for third-party security assessments and interviews/assessment discussions with clients.
- Should have excellent client handling skills and close stakeholder queries/RFIs in a timely manner.
- Should be able to articulate complex technical requirements in layman's terms and communicate effectively with stakeholders.
- Must effectively collaborate with the stakeholders, understand the business context, assess the requirements based on a tailored questionnaire and document the gaps identified.
- Must be able to assess evidence effectively, use sound judgment to convince the customer of the gaps identified, and report findings in a timely manner.
- Experience in handling the remediation phase, post third party security assessment. Should have experience in reviewing remediation plans, providing recommendations and examples as necessary to aid the vendors.
- Should abide by the QA process within the team, supporting the QA and peer reviews of the deliverables.
- Experience in environmental/workplace safety standards (e.g., OSHA) is an advantage.
- Experienced in creation and review of security policy/procedures, and in performing risk assessments.
- Familiarity with network devices and security configurations, basic understanding of network security and architecture diagram reviews, access and perimeter control, VAPT process, common application security vulnerabilities, exploitation techniques and remediation measures, SIEM, intrusion detection is a plus.
To qualify for the role, you must have:
- BE / B.Tech / MCA / M.Tech / MBA with a background in computer science and programming.
- More than 5 Years of relevant experience.
- Strong Excel and PowerPoint skills.
- Should be proficient in leading medium to large engagements and coaching junior staff.
Ideally, you’ll also have:
- Project management skills.
- CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer.