Location : Cebu – Philippines Shift: Rotational shift Work form office Mandatory sills: Information security and Audit Expertise in cyber security frameworks such as ISO27001, NIST 800-53, NIST CSF, PCI-DSS, ISO22301, data privacy etc. Skilled in risk management, risk assessment and analysis, internal audit Technical knowledge in the security domains such as information security management and governance, systems and network security, Physical and logical IT controls, application security, data security, cloud security, access controls, authentication, or security protocols etc. Experience in conducting vendor onsite assessments. Experience of assessing cloud service providers(CSP) will be an added advantage. Understanding third-party risk management concepts, exposure to third party (or) outsourcing regulatory requirements. Associate should be able to test both Physical and Logical IT controls and should be an SME in reviewing, identifying gaps, issue logging , monitoring and tracking for closure Consultant must be working out of Vendor office/onsite – 9 hrs a shift. Shift Time: 8pm to 5 am Local Time. Consultant should be willing travel in & around the city GRC Process