Trivandrum, Kerala
23 hours ago
Senior Analyst - Information Security
Description

Roles and Responsibilities 

Coordinate Information Security support for prospect calls, ensuring swift responses in competitive scenarios.
Manage the On-Call rotation schedule and Jira requests, ensuring proper ticket handling and effective communication with stakeholders.
Handle initial assignment and reassignment of tickets, ensuring closure and professional engagement with the Security Analyst team.
Coordinate Security Assessments (SOC1, SOC2, PCI DSS, etc.).
Communicate effectively with customers, promptly closing tickets with clear and professional responses.
Identify and capture risk concerns, mapping audit evidence to NIST controls.
Own all tickets coming into the client assurance portal, managing SLAs and completion of requests, including third-party risk and vendor management reviews.
Ensure all activities are properly documented, tickets are communicated professionally, and documentation is organized efficiently.
Develop and document processes for the entire team, managing adherence to evolving requirements.
Experience with GRC tools and other reporting or audit tools, ensuring continuous improvement for the overall Information Security function.
Responsible for new hire training and ongoing, up-to-date training for the larger Enterprise security team to meet compliance requirements.
Assist with required governance, risk, compliance and audit tasks or activities, such as assisting with audit evidence collection (e.g., SOC2, SOC1, PCI, etc.).
Manage and maintain the security policies so that they align with the NIST framework.
Update the Assurance section of the weekly Control Report and present relevant information during management calls.
Identify ongoing training for team members, staying informed about security conferences, and educating the team on relevant tools.

Requirements

Strong communication (verbal and written) and presentation skills.
Self-starter who can effectively operate at a high level under limited supervision.
Bachelor’s/master’s in engineering/Cybersecurity or equivalent.
CISA, CISM, CISSP certifications would be an added advantage.
Knowledge of NIST Risk Management Framework (RMF), GRC tools.
Ability to prioritize tasks, make quick decisions, and a strong understanding of security controls and governance.
3 - 6 years of experience in Information Security or ITGC auditee/auditor function handling complex requests and audit responses.
Previous management experience would be a plus.
A strong understanding of cybersecurity principles, concepts, and best practices.
Familiarity with compliance frameworks or standards such as NIST, GDPR, SOC 1 and SOC 2, and PCI DSS service providers is an added advantage.
Ability to understand, prioritize, and escalate tasks to resolve issues quickly and make decisions.
