-->

My Life

Sunday, 21 August 2011

IT Profession ( IT Security Compliance and Governance Consultant )

* Lab Exercise Asked By Encik Hermizul. :-)
IT Security Compliance and Governance Consultant

Jobs Requirements :
Qualification:-
  • Bachelor’s degree in Computer Science, Engineering, Business, or related field or equivalent work experience in IT Audit and Compliance in Information Security standards such as COBIT (SAS70/ISAE), SOX and ISO 27001. Experienced in handling data privacy, import, export and regulatory compliance.
  • May have Master's degree in related field. Often holds intermediate-level certification(s) in work field such as CISA, CISM and CISSP. Typically 5+ years of relevant experience.
(Note: Certified Information Systems Auditor (CISA) , Certified Information Security Manager (CISM) and Certified Ethical Hacker (CEH).)

 Jobs responsibility :
  • Assist with the development and execution of a rolling yearly work plans for the Compliance.
  • Plan, conduct and oversee audit/compliance/risk management activities.
  • Develop/implement audit/compliance/risk management programs.
  • Manage audit/compliance/risk relationships between Company and client.
  • To act as a consultant to internal and external clients on matters of internal control and risk management.
  • Manage and drive audit tracking and remediation tasks.
  • Facilitate externally run reviews conducted by clients, external auditors, regulatory bodies and other organizations as required.
  • Maintain currency on laws regulatory requirements, methodologies and standards appropriate for company and our clients.
  • Develop/manage ongoing reporting.
  • Coach and mentor team members.
  • Establish and maintain effective relationships with people at all organizational levels, internally and externally.
  • Identify and analyze new or existing tools, processes, and procedures.
  • Prepare materials and execute presentations of solutions, proposals, process change etc. to appropriate audiences.
  • Identify and evaluate the significant exposures or risks across functions, locations, accounts, processes, or other variables associated with company and the client account.
  • Represent company control interests to clients and external parties by vetting all audit/compliance/risk management responses to clients and external parties to ensure appropriateness of responses.
  • Provide control/risk management expertise in global initiatives that affect the control/risk management environments.
  • Understanding of technology in areas of compliance issues.
  • Apply advanced subject matter knowledge to complex business issues, and regarded as a subject matter expert. Frequently contribute to the development of new ideas and methods.
  • Work on complex problems / projects where analysis of situations or data requires an in depth evaluation of multiple factors.
  • Exercise significant independent judgment within broadly defined policies and practices to determine best method for accomplishing work and achieving objectives. Lead and / or provide expertise to functional project teams and may participate in cross-functional initiatives. May provide mentoring and guidance to lower level employees.
  • Act as an expert providing direction and guidance to process improvements and establishing policies. Frequently represent the organization to external customers/clients.
  • Apply deep and broad technical background and knowledge of industry trends to operate several critical or high risk technology areas/customer groups. Integrate technical knowledge and business understanding to create superior solutions for company and for customers. Mentor/consult with team members, other organizations, customers, and vendors on complex issues.

Knowledge and Skills :
  • Strong written and communication skills across all levels.
  • Ability to independently and manage audits.
  • Demonstrated ability to work with and influence senior leadership.
  • Demonstrated understanding of audit/compliance/risk management methodologies, standards and bench marks.
  • Proven ability to multi-task, manage and work on projects/tasks concurrently.
  • Proven ability to analyze situations, draw conclusions and take or recommend appropriate actions.
  • Strong negotiation skills.
  • Demonstrated ability to meet commitments.
  • Demonstrated ability to prioritize and make changes where necessary (cope with pressure).
  • Knowledge in procedures and processes.
  • Good planning and project management skills.
  • Ability to work in a complex technical area.
  • Being able to work in a dynamic, often pressured, environment whilst adhering to service development and quality management procedures.
  • Emulate Service Excellence Standards.
  • Enhance responsiveness to customer requirements.
Posted by Nur Amalina Syahirah at 8/21/2011 10:43:00 pm
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Labels: IT

No comments:

Post a Comment

Older Post Home
Subscribe to: Post Comments (Atom)

The Girl

My photo
Nur Amalina Syahirah
Tawau, Sabah, Malaysia
18. Diploma in Information of Technology. Politeknik Mukah Sarawak
View my complete profile

Followers

Blog List

  • ✿ The Pink Gajah Story ✿
    Daftar Cara Jualan Pulsai Di Pariaman, Sumatera Barat
    7 years ago
  • Bows and a Rose
    Ramadan Mubarak
    10 years ago
  • BelogMeZan
    Download Movie Psychobitch (2018)
    11 years ago
  • ...::Flavour's Of Life...::
    Esok adalah kemuncaknya
    12 years ago
  • My New Life
    Kisah Semalam
    13 years ago
  • Solitude Slumber
  • Bibiy ♥
  • Syiela Own's Blog
Show 5 Show All

Link List

  • CherryBam
  • ILuvIslam
  • StyleCovered
  • SyielaTumblr

Blog Archive

  • ▼  2011 (3)
    • ▼  August (3)
      • IT Profession ( IT Security Compliance and Governa...
      • Description on How To Be A Good Computer Technician.
      • New Email, New Blog.
Copyright By Nur Amalina Syahirah. Powered by Blogger.