Info Director
Info Director
Posted on :
24-07-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Required Qualifications:
Bachelors or Masters degree in Information Technology Cybersecurity Risk
Management or related field.
Minimum 5-7 years of progressive experience in GRC roles including at least
2 years in managerial capacity.
Proven expertise in automating GRC processes and managing AI-related
risks within complex organizational environments.
Strong knowledge of PCI DSS SOC 2 Type 2 TCPA SMS consent
compliance and related regulatory frameworks.
Experience managing vendor compliance and third-party risk assessments.
Relevant certifications such as CRISC CISM CISSP CGEIT or GRCP
preferred.
Excellent leadership communication and stakeholder management skills.
Ability to influence cross-functional teams and drive organizational change.
Bachelors or Masters degree in Information Technology Cybersecurity Risk
Management or related field.
Minimum 5-7 years of progressive experience in GRC roles including at least
2 years in managerial capacity.
Proven expertise in automating GRC processes and managing AI-related
risks within complex organizational environments.
Strong knowledge of PCI DSS SOC 2 Type 2 TCPA SMS consent
compliance and related regulatory frameworks.
Experience managing vendor compliance and third-party risk assessments.
Relevant certifications such as CRISC CISM CISSP CGEIT or GRCP
preferred.
Excellent leadership communication and stakeholder management skills.
Ability to influence cross-functional teams and drive organizational change.
Detailed General description of the role:
Including preparing control owners for audits interpreting control
requirements reviewing control evidence for appropriateness testing control
effectiveness presenting control evidence to external auditors and audit
planning with external auditors
In-depth knowledge of security controls interpreting control requirements for
SOC 2 ISO or HIPAA PCIDSS audits reviewing control evidence for
completeness an accuracy and ensuring evidence provided to auditors
satisfies control requirements.
Ability to of plan and lead meetings with control owners and external auditors.
Ability to clearly define control requirements to control owners or explaining
control evidence to external auditors.
Supports the Security Audit function by reviewing evidence submissions for
accuracy and completeness following up on audit requests and helping to
establish a continuous monitoring function.
Assist in testing and verification of all controls and formulating reports
documenting findings.
Recommends and assists in the definition and implementation of security
controls in accordance with enterprise policies standards and procedures.
Work closely with internal business teams to assist in the identification and
assessment of potential security risks and establish risk owners ratings and
management action plans.
Including preparing control owners for audits interpreting control
requirements reviewing control evidence for appropriateness testing control
effectiveness presenting control evidence to external auditors and audit
planning with external auditors
In-depth knowledge of security controls interpreting control requirements for
SOC 2 ISO or HIPAA PCIDSS audits reviewing control evidence for
completeness an accuracy and ensuring evidence provided to auditors
satisfies control requirements.
Ability to of plan and lead meetings with control owners and external auditors.
Ability to clearly define control requirements to control owners or explaining
control evidence to external auditors.
Supports the Security Audit function by reviewing evidence submissions for
accuracy and completeness following up on audit requests and helping to
establish a continuous monitoring function.
Assist in testing and verification of all controls and formulating reports
documenting findings.
Recommends and assists in the definition and implementation of security
controls in accordance with enterprise policies standards and procedures.
Work closely with internal business teams to assist in the identification and
assessment of potential security risks and establish risk owners ratings and
management action plans.
Ensure continuity of compliance with ISO27001 and ISO 22301 PCI DSS
HIPAA GDPR
Analyse potential impact of new threats and communicates risks to
relevant business units
Manage security operations analyse security exceptions gather necessary
background information document exceptions and ensure that the risk is
recognized and managed with compensating controls
Provide orientation to Business Units on Risk Assessment Business
Continuity Plan and Business Impact Analysis
Facilitate in preparation of Business continuity plan for each project and
functions
Conduct internal ISMS and BCMS audits and identify potential gaps in the
system
Prepare detailed and summary reports of assessments remediation plans as
needed and advise internal stakeholders
Report the audit findings on the potential weakness in the system and areas
of improvement
HIPAA GDPR
Analyse potential impact of new threats and communicates risks to
relevant business units
Manage security operations analyse security exceptions gather necessary
background information document exceptions and ensure that the risk is
recognized and managed with compensating controls
Provide orientation to Business Units on Risk Assessment Business
Continuity Plan and Business Impact Analysis
Facilitate in preparation of Business continuity plan for each project and
functions
Conduct internal ISMS and BCMS audits and identify potential gaps in the
system
Prepare detailed and summary reports of assessments remediation plans as
needed and advise internal stakeholders
Report the audit findings on the potential weakness in the system and areas
of improvement
Employment Type
Full-time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
