ISO 27001 / SOC 2 Process Controller (1 - 3 years of experience)

[REMOTE]

23 Nov 2022

Job Title: ISO 27001 / SOC 2 Process Controller (Full Time)

Experience Level: 1 - 3 years of experience in security or risk management, performing security assessments in a client-facing/consulting role

Job Location: Mohali (Remote)

Educational Qualifications:

  • Bachelor's degree in a technical discipline or equivalent work experience in IT and/or Security.

  • Any degree in Total Quality Management or Process Management.

  • Any process audit certification, such as ISO / SOC 2, is preferred.

  • Any degree in Quality Control management or similar.

Technical Background / Tools:

  • ISO 27001 / SOC 2 Type 2 audits, Vanta, Drata

 

Minimum Required Skills:

  • Information Security framework implementation (ISFMI) 

  • Risk Management framework, Drafting Risk Registers

  • Incident management, Incident tracker

  • Experience in conducting internal and external audits

  • Experience in Service Organization trust service criteria (SOC 1 & 2) is preferred.

  • Excellent writing skills needed to deliver reports detailing findings and associated recommendations for information security programs to help meet the client security and compliance standards.

  • Bachelor's degree in a technical discipline or equivalent work experience in IT and/or Security.

  • 1 - 3 years of experience in security or risk management, performing security assessments in a client-facing/consulting role.

  • High professionalism, problem-solving, customer-facing and customer-handling skills, time management, good English communication (written and verbal), presentation skills, active listening, flexibility.

  • Ability to think holistically and identify areas of technical and non-technical risk.

  • Knowledge of writing technical reports and presenting to non-technical audiences.

  • Comfortable working in ambiguous and/or undefined situations.

  • Must be available for on-project travel.

 

Job Role & Responsibilities

  • Manage, maintain, and improve the compliance management of internal controls to meet internal and external compliance SOC2 and ISO 27001 security requirements.

  • Evaluate the design and test the operating effectiveness of key controls identified and provide control enhancement recommendations as appropriate.

  • Assist with tracking audit exceptions for all audits performed.

  • Contribute to other risk management activities, which may include exception monitoring and tracking, vendor viability assessments, and other special projects as needed.

  • Determines compliance by establishing compliance test standards, conducting and witnessing tests, performing diagnostic procedures, measuring performance, analyzing and evaluating findings, and performing forensic analysis and troubleshooting of failures.

  • Attains compliance by isolating and resolving compliance issues, recommending product and process changes, and initiating engineering change orders.

  • Documents compliance by completing approval applications, recording test results, preparing investigative reports, preparing and filing Declarations of Conformity, and maintaining the compliance database.

  • Maintains engineering team accomplishments by reviewing open issues and action items, coordinating actions, and contributing information and analysis to team meetings and reports.

  • Prepares compliance reports by collecting, analyzing, and summarizing measurement data and trends.

  • Experience with a platform such as Vanta or Drata is preferred.

  • Working knowledge of Google Cloud / AWS is preferred.

Associate

Full Time
