Urgent Opening For Advisor - Information Security Assurance

Role & responsibilities

• Understanding applicable regulations, standards (e.g. HITRUST, SOC-2, HIPAA, TX-RAMP, PCI-DSS, etc.) and industry best practices to manage risk and ensure compliance
• Perform process definition/update and deployment across all teams in consultation with the respective functions
• Identify best practices, drive continuous information security related process improvement and facilitate deployment of information security process changes
• Document the identified Information Security Policies and processes to ensure compliance with legal, regulatory and security standards (e.g. HITRUST, SOC-2, HIPAA, TX-RAMP, PCIDSS, etc.) and maintain the Information Security Management Systems.
• Perform due diligence for third party contracts and perform periodic 3rd party Risk Assessments.
• Drive and complete Information Security Assessments assigned to MRO by its clients.
• Manage and support Information Security Risk Management Lifecycle across MRO.
• Ensure appropriate treatment of risk, compliance, and assurance from internal and external perspective.
• Own and drive the Information Security Incident Management Program at MRO.
• Be responsible for security audits performed at MRO based on HITRUST, HIPAA, PCI-DSS, TX-RAMP, etc.
• Drive the phishing simulation program at MRO and focus on its continual improvement.
• Drive Business Impact Analysis, Privacy Impact Analysis across MRO to determine and update applicable RTOs and RPOs.

Technical/Domain Skills:

Must have hands on experience of HITRUST based policy/process definition, implementation and participation in at-least one (1) full end to end HITRUST audit cycle

Desirable: Knowledge/work experience on SOC2, HIPAA, PCI-DSS, TX-RAMP and NIST Cybersecurity Framework