Sr. information security analyst

Posted: May 20, 2021, 11:54 a.m. - Full Time - Ahmedabad

• Perform HITRUST, HIPAA and ISO 27001 internal audits and monitor gap remediation efforts;
• Support and co-ordinate with operations, IT, Development, HR, Admin and other teams and guide them with required policies & procedures;
• Help implement required controls for operations and support functions
• Oversee and manage day-to-day compliance team deliverables
• Audit day-to-day security operations and high-visibility business processes;
• Manage the end-user security awareness training program & Compliance Hotline;
• Maintain a catalog of all internal security controls across the enterprise to include their mapping to the above security frameworks
• Maintain security documentation and diagrams
• Review and coordinate changes to information security policies, procedures, and standards in a continuous improvement model
• Perform Business Impact Analysis and Risk Analysis, and perform targeted fieldwork to test internal controls across the company’s application, infrastructure, and databases, as well as key business processes;
• Support and challenge the business to effectively identify, manage and report on IT business risk, including ensuring that committees and governance structures are functioning effectively
• Support the Compliance Head in developing and maintaining an effective Global Compliance Program that ensures that the group’s policies are embedded in the business, that good practice is shared, and that any compliance breaches are investigated and resolved promptly.
• Develop and foster strong professional relationships within the company;
• Build the department’s standing and credibility throughout the organization;
• Perform risk assessments, provide security trainings, develop security training materials, etc.
• Participate in departmental activities and initiatives
• Define, develop and implement security methodologies across the organization as required
• Review policies and suggest best practices
• Perform internal audits and provide recommendations
• Work with senior management and IT in identifying the technology roadmap
• Lead the team and act as a single point of contact for the management
• Coach and mentor the team on best practices in information security
• Manage work allocation and monitor team’s activities to ensure smooth delivery
• Work with cross-department heads in ensuring the deliverables are defined and agreed
• Work with management and other teams in identifying the business continuity program