- Overall 5-9 years of experience in the field of IT Security / Information Security / Cyber Security / Cloud Security
- Support Infrastructure Risk and Control function for Information and Technology Cyber Risk Management operations.
- Drive compliance with operational risk processes and manage technology, information, and cybersecurity risks within various business areas.
- Experience in IT Audits, IT General Controls, IT Attestation (SOC1/SOC2 Reporting), SOX-ITGC, etc.
- Experience in working with IT Risk Management frameworks to identify, analyse, mitigate, monitor and communicate IT risks
- Conduct risk assessments for process, applications, network infrastructure assets, and vendors
- Draft IT/Cyber risk assessment reports including findings, associated risks and recommendations
- Develop Key Risk Indicators (KRIs) and creating dashboards for continuous monitoring of the risks
- Experience in conducting IT controls validation and testing, and identifying control deficiencies
- Develop IT / Information security policies, standards and procedures
- Experience in working with leading industry standards such as NIST-CSF, ISO27001, ITIL, COBIT, PCI-DSS, CSA-CCM, CCSK, ISO27017, etc.