Ability to effectively liaise with clients and manage stakeholder expectations. Work with client teams from various depts.
Such as compliance teams, auditing, and regulators to identify and document various requirements/obligations.
Conducting risk assessments and audits with respect to people, processes, and technology. Identification of gaps/observations, risks, opportunities, and improvement of policies, processes, procedures, and standards.
Documenting information security risk, recommendation, and compensating controls in the form of assessment/audit reports.
Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third-party risk management