Professional Certifications Required: PCI DSS, PMP
Job Location : Bahrain Level of exp. : 7 to 10 years Domain : Banking Functional Experience : Information Technology Leadership Experience : Consulting Language : Arabic & English \xe2\x80\x93 Speak, Read, Write & Translate (Mandatory)
Technical Skills Required: Test the knowledge on Security Principle (CIA), Test the knowledge on Security Risk management.
Test Knowledge on Security governance and policy framework
Test the knowledge on Security requirements in PCI DSS, Swift CSP and regulatory requirements.
Test ability to explain Security risks to nontechnical audience.
Test understanding of the industry standard frameworks such as ISO 27001, NIST, PCI-DSS
Test Knowledge on Third Party Security Management Framework
Job Responsibility: Developing the process and the strategy for 3rd party risk assessments
Develop the questions for 3rd party risk assessments.
Consolidate into a view for reporting.
Conduct security risk assessments for potential and existing 3r parties through questionnaires, on-site visits, and review of documentation including assessment reports to identify control gaps and risks.
Collaborate with information security GRC, operational risk and other departments to ensure that 3rd party risks are included in risk assessments performed by those functions, including privacy evaluations.
Assess controls against regulatory requirements and expectations of regulators relating to TPRM.
Work independently and take responsibility for actions.
Identify and implement a security monitoring platform to continually and independently assess the external perimeter of critical 3rd party suppliers to identify, communicate, and remediate security issues.
Collaborate with information security GRC, operational risk and other departments to ensure that 3rd party risks are included in risk assessments performed by those functions, including privacy evaluations.
Beware of fraud agents! do not pay money to get a job
MNCJobsGulf.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.