Information Security And Risk Manager Job in Cynosure Corporate Solutions

• Identify and evaluate risks; understand business context and prepare
  
• reports and recommendations
  
• Perform annual Security Risk assessments and conduct related ongoing
  
• organizational compliance monitoring activities
  
• Identifying cloud-related risks and related business impact
  
• Identifying risk mitigation approaches (actions, phases, manual efforts, etc.)
  
• Communicating risks in business terms for prioritization
  
• Work with all functional business areas to develop and maintain a corporate
  
• wide BCP program that addresses business recovery and emergency
  
• response management
  
• Define, establish and implement organizational information security
  
• processes, to ensure business, regulatory, legislative and contractual
  
• Requirements and obligations are met.
  
• Implement internal and external ISMS audit processes, audit plan, monitor
  
• effectiveness of controls and corrective actions in cooperation with the
  
• stakeholders across the organization.
  
• Manage gap analysis, compliance readiness, and compliance monitoring
  
• activities for ISO/IEC 27001, SOC2 and other regulatory security audits.
  
• Coordinate external security audits, assessments and testing as well as
  
• Remediation plans development and implementation.
  
• Identify, assess and monitor information security risks and recommend
  
• mitigation measures.
  
• Develop content, coordinate and facilitate a comprehensive organizational
  
• information security awareness training program.
  
• Manage security requirements with third parties, including due diligence of
  
• products and services providers and information security requirements
  
• clauses in service provision agreements and contracts.
  
• Develop, coordinate and maintain information security policies, procedures
  
• and other security related documents.
  

Requirements