Associate - IT Compliance - Cybersecurity

Job Description

About Us Founded in 2006, TresVista has been the leading provider of high-end outsourced support for asset managers, entrepreneurs & corporates for over a decade. TresVistas support functions include business plan development, all aspects of fund administration, portfolio management, valuation & research and deal sourcing & execution. With offices in Bengaluru, Mumbai, Pune & Singapore, managing over $10 trillion in AUM, across geographies & asset classes and over 1,000 clients, TresVista delivers cost & operational efficiencies with dedicated teams across functions The Role & Responsibilities - Understanding the business and IT infrastructure including applications and servers through interactions and walkthroughs - Collecting information and reviewing information systems policies, standards and procedures to verify that they address the organizations internal and external requirements and to identify information systems control deficiencies- Understanding the various processes in place at the organization, such as RIS, IT, HR, FMS, Software Development, strategy and their integration with one another- Performing a root cause analysis of the various risks identified and development of solutions to mitigate the risks and the flow of data and information and performing a threat and risk analysis of each process - Facilitating external IT audits (ISO 27001 and SOC 2) corporate-wide examinations- Facilitating external VAPT audits, phishing drills, client audits- Responding to client due diligence questionnaires around IT Security- Assisting with development and implementation of corporate compliance procedures and controls- Performing special compliance and audit related projects as assigned- Managing and measuring the IT Security Framework and developing and maintaining a technology risk assessment program for business applications and processes- Conducting internal VAPT audits and share the reports with the management - Keeping the department updated with the latest technological changes and cybersecurity advancements- Designing and producing metrics showing operational compliance with best practices- Planning, supervising, and conducting testing to confirm continuous efficiency and effectiveness of information system controls- Reviewing of Business Impact Analysis, Risk Assessment, Current State Network assessment and Recovery Strategy Analysis- Providing recommendations to the Top Management based on industry best practices to optimize IT processes and achieve business goals Prerequisites - Sound understanding of auditing/compliance- Strong eye for detail - Good command over written and spoken English - Ability to meet deadlines and good time management skills - Ability to work well under pressure with tight deadlines while delivering high quality and output - Should be able to manage a team effectively as well as contribute individually to projects- Knowledge of Personally Identifiable Information (PII) data security standards Growth Opportunity - Steep learning curve and a clearly defined career path- Subsequent promotion to AVP/VP accompanied by significant increase in responsibility and compensation - Potentially, based on performance, be a part of the International compliance consulting team Qualification - Graduation/Post Graduation (B.E/ B.Tech, M.E/M.Tech, M.Sc IT)- CEH V9 or other equivalent Ethical Hacker degree is preferable- One or more of the following information security certifications or advanced degree in information security/cybersecurity: CISSP/OSCP/CISM/CRISC/CISA/HISP or equivalent Experience 4-6 years of experience in Security Compliance/IT Audit/System review role Compensation The compensation structure will be as per industry standards,

Keyskills :
root cause analysisbusiness impact analysisdue diligencedata securityrisk analysisdeal sourcingtop managementrisk assessmenttime managementit infrastructuremanagement skills