Application Risk Management Consultant
Act as the functional specialist for Cyber Security Risk Management (CSRM):
- Advanced knowledge on various Risk Methodologies – Octave, ISO31000 etc.
- Adopt, Define, Implement, evolve the risk framework for the Organization.
- Conduct / Facilitate smooth conduct of Risk Assessment on Applications, Network& Systems.
- SME Knowledge on conducting data security and privacy assessments.
- Proactively review Indigo’s information security and related risks w.r.t threats and vulnerabilities & compliances (ISO,PCIDSS, SOC1/2 , SSAE etc.)
- Translate Technical, legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provides the respective stakeholders with the CSRM requirements and its implementation methodologies.
- Work with Project Managers, Business Analysts, Architecture and Support Team to ensure Indigo’s CSRM standards are being followed.
- Responsible for Cyber security and Data Privacy awareness
- Actively participate in reviewing and improving the data Security and privacy controls implemented in the organization.
- Active participation in the Assurance and Architecture level discussions in the engagements.
- Serves as CSRM entity for creating Security awareness sessions both scheduled (Induction) and ad-hoc ones.
- Good understanding of, and experience with Information Risk Management, Audit (internal and external), and Business (IT) Controls.
- Advanced understanding of internal and external IT security standards, PCI standards and relevant legal compliance aspects like GDPR, Various compliances like ISO, BSI etc.
- Robust understanding of, and solid experiences with the impact of CSRM on application development and operations as well as the IT Infrastructure.
- Ability to interface with different groups (Third parties, Business and IT) internal and external to IT (security) and to network across Group businesses, as well as with external groups.
- Technical knowledge & relevant experience in security domains /technologies related to:
Data Privacy and Business Impact Assessment - PCI DSS, Privacy Principles, GDPR etc.
Data Classification discussions with business.
- Driving Platform / Application security and compliance as part of Project Engagement.
- Ability to foresee and identify mitigation strategies for Risks Candidate must also:
Display excellent communicating and influencing skills
Display analytical and problem solving skills
Be pro-active and self-motivated
- A qualification in CISA, CRISC or CISM Experience
- Must have previous experience in an (Information/Cyber) Risk Management team .
“IndiGo never asks for money for interview or hiring.
Refer to our job website - careers.goindigo.in or goindigo.app.param.ai for official job postings”