Company Profile:

Bruhat is an AIHR Artificial Intelligence in HR company that utilizes artificial intelligence to make it easier for hiring corporates to not only effectively manage their people requirements but also obtain actionable insights to drive productivity and engagement

Job description:

Role: Information Security Compliance & Audit Assurance

Purpose of the role: Plan and Assess Security compliance audit assurance programme for the client accounts to support all compliance audit and certification reviews in line with client contractual commitments and enterprise policies & standards
Liaise with organization technology security policy, ISO 27001, Data privacy and requirement to remediate new and outstanding issues; track security-related issues.

Position reports to: Director – Information Security (Information Security Compliance & Audit Assurance)

Positions that report to this position: Not Applicable

Key interactions:
Internal: Internal Audit, Information Security, IT, HR, Physical Security, Admin/Facilities, BCM, Data Privacy and Delivery Operations
External: External Auditors, Clients

Size of operations: NA

Main Responsibilities:
•    Responsible for validating compliance to enterprise controls and client mandates of all info security, network, data security and data management controls across all locations for client account 
•    Own and deliver all security related audits and Certifications pertaining to client account contractual requirements
•    Proficient in security compliance assurance programme implementation with a defined calendar schedule for assurance review / audit
•    Strong presentation skills to demonstrate client account level compliance to enterprise security & monitoring controls and client contractual commitments from compliance perspective
•    Ensure security gaps identification, assessment, quantification, reporting, communication, mitigation and monitoring
•    In-depth knowledge of security compliance and assurance concepts including risk assessment, risk acceptance process, vulnerability management, etc.
•    Revise and develop processes to strengthen the current Security Assurance Framework, Review policies & client contractual documents to highlight the challenges/dependencies in managing SLAs
•    Creation of reports, dashboards, metrics for security compliance & assurance operations and presentation to CISO and enterprise leadership
•    Oversee and / or conduct information security audits as per internal defined schedule and support facilitation of client / certification audits.

Qualifications:
•    A bachelor’s degree required. 
•    Security certifications such as CISSP is an advantage. 
•    Experience of at-least 4 years in Information Security domain.
•    Experience with audit/consulting firm would be an added advantage

Functional Skills:
•    Strong understanding of Security Compliance and Risk Assurance.
•    Strong knowledge of risk assessment, security incident management, compliance audits, security metrics
•    Sound knowledge of ISO 27001:2013, Knowledge of NIST 800-53 and NIST Cybersecurity Framework
•    Working knowledge of industry standards such as SOC1/SOC2, CIS
•    Working knowledge of privacy standards such as GDPR/ CCPA