Manage daily compliance tasks, ensure continuity of compliance run-books and SOPs, follow up with stakeholders, and manage compliance trackers.
Conduct vendor assessments, review vendor-provided evidence and artefacts, follow up with vendors, and manage vendor management trackers and SOPs.
Roles and Responsibilities:
- Support the preparation, coordination, and documentation of compliance audits (e.g., ISO 27001, SOC 2, ISO 27701, etc.) by gathering and managing audit evidence, managing audit trackers, etc.
- Manage periodic updates of information security policies, including annual updates and maintenance.
- Assist in the development and delivery of security awareness training materials and campaigns to educate employees on security policies, procedures, and best practices.
- Research emerging trends, threats, and technologies in information security, GRC, and related areas, and assist in analyzing their potential impact on the organization.
- Assist in conducting risk assessments and due diligence activities on third-party vendors and suppliers to evaluate their security controls, practices, and compliance with contractual requirements.
- Aid in identifying and analyzing potential risks associated with third-party relationships, including data security, privacy and compliance risks.
- Monitor the Vendor Assessment tool continuously and ensure that the vendor and assessment records are appropriate at all times.
- Keep track of all vendors due for periodic risk assessments and assist in conducting the periodic assessments.
- Assist in maintaining accurate and up-to-date documentation of third-party risk assessments, findings, and remediation activities, and prepare reports for management and stakeholders as needed.
- Contribute to the development and enhancement of third-party risk management policies, procedures, and guidelines to ensure alignment with industry best practices and regulatory requirements.
Functional Competencies:
- Entry-level understanding of at least 3 of the following areas, viz. regulatory and compliance requirements; implementation knowledge in risk management, policy development, security controls implementation, incident response, technical proficiency, vendor management, monitoring and reporting, collaboration, and continuous improvement.
- Fair understanding of Vendor Management, Risk Management, Facilitation, Communication Skills, Collaboration, Due Diligence and Compliance.
Role: Risk Management & Compliance - Other
Industry Type: IT Services & Consulting
Department: Risk Management & Compliance
Employment Type: Full Time, Permanent
Role Category: Risk Management & Compliance - Other
Education
UG: Any Graduate
PG: Any Postgraduate