Sr. Advisor – Governance, Risk & Compliance
Dell EMC -
Cairo, EgyptPosted 4 years ago13People have clicked1 open position
Job Details
Experience Needed:
Career Level:
Education Level:
Salary:
Job Categories:
Skills And Tools:
Job Description
- Proactive compliance testing including control and process evaluation, including driving continuous control maturity improvements
- Governance of Information Security program practices across both corporate & customer software as a service (SaaS) environments
- Information Security Policy &Standard creation, governance and document management
- The Payment Card Industry Data Security Standard(PCI-DSS)& PCI 3D S quarterly activities an dannual assessments
- Facilitation and support customer audits of RSA Security’s product offerings
- Facilitation and support of annual Service Organization Reports (SOC 2 Type II Audits)
- Support issues management program including risk acceptance and risk remediation plan governance
- Coordinate and govern corporate & product line business continuity plan documentation
- Maintain repository of customer information security questionnaire sresponses, provid erespons eto customer questionnaires and third-party risk assessments of RSA product lines and services
- Perform Security schedule and contract reviews for RSA product lines, partnering with client relationship managers and RSA Legal
- Develop, perform and trackc or porate Information Security training and awareness materials
- Create program level metrics,reports and updates to executive leadership
Job Requirements
- Strong knowledge of cyber security and information technology systems terminology, concepts, and practices.
- Strong knowledge of IT Controls frameworks including but not limited to:COBIT, COSO, NIST 800-53, Payment Card Industry Data Security Standard (PCI-DSS), Payment Card Industry 3DS (PCI-3DS), Sarbanes-Oxley Act, ISO27001/27002 and Data Privacy and Protection Regulations is required.
- 5+years of current IT Audit and/or IT Risk Management experience is preferred.
- A working knowledge of eGRC platforms such as RSAArcher.
- Hands-on experience performing security control assessments utilizing established industry frameworks.
- Strong verbal and written communications skills are required as well as excellent organizational and time management abilities.
- Possess strong customer service skills, with the ability to work well independently, with minimal oversight.
- Ability to interpret, translate and negotiate with both technical and non-technical personnel information security control modifications and/or remediation progress plan milestones.
- Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
- Given the diverse locations of our team members, the ability to work effectively globally and cross-functionally is critical.
- A degree in Information Technology, Information Security, and/or Accounting Information Systems is desired.
- Industry certifications relevant to the role include, but are not limited to:CISA,CRISC, CISM, ISA/QSA, PCIP, CISSP.
- Knowledge and understanding of technical infrastructure such as Cloud Service Providers(CSPs) such as Amazon, Microsoft Azure and traditional IT data centre technology such as routers, switches, firewalls, and the associated network protocols and concepts.
- A team player capable of embracing the Company’s culture of high standards related to privacy, ethics and compliance principles.
