Responsibilities
- Identify areas of breakthrough improvement (Six-sigma, Lean, Infinity A#), customize the strategy, and implement the action plan
- Perform risk assessment, identify the risk levels, perform root cause analysis, identify risk mitigation action items (involving multiple groups), report risk levels to relevant stakeholders.
- Perform periodic assessments of the processes, ensure compliance, and help the project team fix the gaps
- Review, update and maintain process management and documentation
- Coordinate with BU teams on the Audit schedule, RFI, clarification of findings, management response/closure of findings.
- Facilitate arriving at a quality plan for a project, analyse project performance and report the process performance to Senior Management.
- Identify areas of improvement at project level, coach project managers on strategies for improvement, customize the strategy for projects, and implement the strategy.
Requirements
- Degree in Information Systems / Computer Science / Information Security or equivalent
- At least 10 years’ experience in Quality assurance, IT Audit related activities in the financial industry
- At least 6 years’ experience in managing IT related risks arising primarily due to changes in the technology landscape (Technology obsolescence, Tech refresh) and Vulnerabilities
- Experience in performing process assessment, security reviews, risk assessments and administering IT security controls in an organization
- Implementation experience and expertise in driving the improvement initiatives, application security, vulnerability management and security incident management
- Knowledge of various assessment frameworks, standards and regulatory/compliance requirements, along with relevant certifications
- Good understanding and awareness of AWS/Azure cloud security
- Strong Stakeholder and Change management skills
- Excellent auditing experience and negotiation skills
- Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and risks.
- Exposure to ISO 27001, OSPAR, SSAEs, CMMI, ISO 9001, ITIL, ISO 20000, Lean & Six-sigma standards is preferred