Job Description :
You are joining Sutherland, a global business transformation company offering an integrated set of back-office and customer service support services.
One of the largest, independent process transformation companies in the world, Sutherland serves marquee clients in major industry verticals.
With our head office in Rochester, New York, USA, you will be part of our continuously growing number of 38,000 professionals from over 61 global delivery centers around the globe.
As a GDPR Manager, you are expected to meet the following responsibilities :
Performing information security risk assessments and mitigating the risks identified by deploying controls in line with ISO 27001
Vulnerability Assessment
Facilitate vulnerability scans and penetration tests on a scheduled and regular basis.
Ensure that vulnerabilities are remediated in a timely manner
Monitoring
Collection of logs from firewalls, VPN devices, IDS / IPS, email server, Active Directory etc. and conducting security log reviews
Work with security, technical administration leaders and application development to ensure that appropriate logging is implemented to aid in security oversight (Monitoring / Logging)
Training
Ensure appropriate and adequate information security training for employees, contractors, partners and other third parties.
Preparation of materials, conducting training programs, collection of attendance sheets, feedback sheets, etc.
Security Incident response
Manage security incident response including performing investigative follow-up, assigning responsibility for corrective action, and auditing for effective completion.
Provide ultimate escalation support for issues presented by the user and customer base regarding security topics
BCP / DR
Ensuring disaster recovery and business continuity plans for information systems are documented and tested
Audit and assurance
Work with internal and external audit groups to ensure that all requested information is properly disseminated and that all requests are fulfilled.
Facing client audits and third-party audits
Reports
Coordination with other support groups to collect and collate the reports that are required. Preparation and compilation of periodic and regular reports.
Candidate must possess :
At least a Bachelor's / College Degree in Engineering (Computer / Telecommunication), Computer Science / Information Technology or equivalent.
At least 5 year(s) of working experience in the related field is required for this position
Required skill(s) :
ISO 27001, HIPAA, PCI data protection standard.
Strong understanding of computer networking technologies, architectures and protocols and conceptual understanding of Information Security theory
Strong working knowledge of security architecture and recovery methods and concepts including encryption, firewalls, and VPNs
Strong understanding of IDS / IPS
Strong understanding of client and server technologies, architectures and systems
Strong knowledge of information security best practices, tools and techniques
Knowledge of business, security and privacy requirements related to international standards and legislation (including ISO 27001, Payment Card Industry data protection standard (PCI), HIPAA, SAS-70 Type II)
Working knowledge of BCP and DR plan requirements and testing procedures
Working knowledge of Windows XP / 2000 / 2003, Active Directory, and IT Infrastructure security and recovery methods and concepts
Working knowledge of Web-based application security and recovery methods