Information Security Risk Analyst cum Auditor

Overview:

Key Responsibilities:

• Conduct risk assessments to identify and prioritize security vulnerabilities.
• Develop and implement risk mitigation strategies and control measures.
• Perform security audits and assessments to evaluate compliance with regulatory requirements.
• Review and analyze security policies and procedures to ensure effectiveness.
• Identify and report on potential security breaches or incidents.
• Collaborate with crossfunctional teams to implement security measures and best practices.
• Provide recommendations for enhancing security protocols and procedures.
• Conduct regular security awareness training for staff to promote a securityconscious culture.
• Prepare and present comprehensive reports on risk assessment findings and audit results.
• Stay informed about the latest security threats vulnerabilities and technologies.

Required Qualifications:

• Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification.
• Proven experience in information security risk analysis and auditing.
• Proficiency in risk assessment methodologies and tools.
• Sound knowledge of security standards regulations and best practices (e.g. ISO 27001 NIST GDPR).
• Strong understanding of audit principles and regulatory compliance requirements.
• Excellent analytical and problemsolving skills.
• Effective communication and report writing abilities.
• Ability to work independently and collaboratively in a team environment.
• Attention to detail and strong organizational skills.

risk analysis,information security,audit management,compliance,report writing,risk assessment