Northern Operating Services - Lead - IT Audit/Risk Management (7-10 yrs)

Job Role: Sr. Associate/Lead, Cyber Sec Risk Mgmt

Job Location: Pune

Experience: 7+ years

Skills: IT Audit, IT Risk Mgmt, SOC Reports, NIST Frameworks, TPRM

Job Description:

Responsibilities:

- Perform information security risk assessment processes for new and existing Northern Trusts third parties business partners.

Demonstrate some proven knowledge on some of the following domains:

- Information Security Governance and Risk Management

- Access Control

- Vulnerability and Penetration

- Network Security

- Application Security

- Cryptography

- Security Architecture and Design

- Operations Security

- Business Continuity and Disaster Recovery Planning

- Legal, Regulations, Investigations and Compliance

- Physical and Environmental Security

- Cloud Security

- Perform assessment of IT controls operation, identifying, gaps, risks and areas for improvement.

- Report writing skills.

- Knowledge on regulations related to banking and compliance.

- Should be well versed with contract language, analysis and negotiation process.

- Responsible for reviewing master services contracts of the third parties to identify information technology and security related clauses.

- Responsible for working with procurement teams to formulate/renew the contracts as per the information security team guidelines.

- Responsible for documenting, and reporting to management, all findings from risk assessment processes.

- Collaborate with internal stakeholders & functional teams to ensure that all identified risks within each third party are assigned to business owners and tracked for timely closure.

- Able to interact in a professional manner and develop relationships with individuals and teams at any level in Northern Trust.

- Foster a positive and collaborative environment.

- Demonstrate ability to work well in both an individual contributor and team capacity.

- Rapidly and effectively adapt to a highly dynamic and fast-paced work environment.

Skills Preferred:

- Excellent written and verbal communication skills.

- Able to converse and develop business relationships with individuals and teams at any level within Northern Trust.

- Knowledge of IT Security Domains / Frameworks (e.g., NIST, ISO27001).

- Knowledge of Compliance regulations.

- Understanding of IT Audit process.

- In-depth understanding of information security, risk assessments, security risk management principles.

- Principle understanding of Technology controls relating to Application and system vulnerabilities.

- Advanced experience with MS Office, SharePoint, and Reporting tools.

- Ability to develop visual representations of processes and risks to support executive updates.

We want to take it ahead for further screening and interview rounds.

Please respond back at the earliest to move your candidature ahead.