Associate Principal – Tech Risk Management | Clark
Sutherland Global Services Philippines, Inc
Central Luzon, Philippines
6d ago
source : Monster

Job Description :

You are joining Sutherland, a global business transformation company offering an integrated set of back-office and customer service support services.

One of the largest, independent process transformation companies in the world, Sutherland serves marquee clients in major industry verticals.

With our head office in Rochester, New York, USA, you will be part of our continuously growing number of 38,000 professionals from over 61 global delivery centers around the globe.

As a GDPR Manager, you are expected to meet the following responsibilities :

  • Performing information security risk assessments and mitigating the risks identified by deploying controls in line with ISO 27001.

Vulnerability Assessment :

  • Facilitate vulnerability scans and penetration tests on a scheduled and regular basis.
  • Ensure that vulnerabilities are remediated in a timely manner.

Monitoring :

  • Collect logs from firewalls, VPN devices, IDS / IPS, email server, Active Directory etc. and conduct security log review.
  • Work with security, technical administration leaders and application development to ensure that appropriate logging is implemented to aid in security oversight (Monitoring / Logging).

Training :

  • Ensure appropriate and adequate information security training for employees, contractors, partners and other third parties.
  • Preparation of materials, conducting training programs, collection of attendance sheets, feedback sheets, etc.

Security Incident response :

  • Manage security incident response including performing investigative follow-up, assigning responsibility for corrective action, and auditing for effective completion.
  • Provide ultimate escalation support for issues presented by the user and customer base regarding security topics.

BCP / DR :

  • Ensure disaster recovery and business continuity plans for information systems are documented and tested.

Audit and assurance :

  • Work with internal and external audit groups to ensure that all requested information is properly disseminated and that all requests are fulfilled.
  • Facing client audits and third-party audits.
  • Reports: coordination with other support groups to collect and collate the reports which are required, and preparation and compilation of periodical and regular reports.

Candidate must possess :

  • At least a Bachelor's / College Degree in Engineering (Computer / Telecommunication), Computer Science / Information Technology or equivalent.
  • At least 5 year(s) of working experience in the related field is required for this position.

Required skill(s) :

  • ISO 27001, HIPAA, PCI data protection standard.
  • Strong understanding of computer networking technologies, architectures and protocols and conceptual understanding of Information Security theory
  • Strong working knowledge of security architecture and recovery methods and concepts including encryption, firewalls, and VPNs
  • Strong understanding of IDS / IPS
  • Strong understanding of client and server technologies, architectures and systems
  • Strong knowledge of information security best practices, tools and techniques
  • Knowledge of business, security and privacy requirements related to international standards and legislation (including ISO 27001, Payment Card Industry data protection standard (PCI), HIPAA, SAS-70 Type II)
  • Working knowledge of BCP and DR plan requirements and testing procedures
  • Working knowledge of Windows XP / 2000 / 2003, Active Directory, and IT Infrastructure security and recovery methods and concepts
  • Working knowledge of Web-based application security and recovery methods