- Strong knowledge of IT General Controls (ITGC) and practical experience in ensuring compliance with SOX frameworks.

- Hands-on ability to assess, design, and monitor IT controls related to access management, change management, and IT operations.

Information Security Operations (GRC) :

- Proven track record in Governance, Risk, and Compliance (GRC) functions within information security.

- Skilled in risk assessments, control testing, policy enforcement, and regulatory compliance (ISO, NIST, GDPR, etc.).

Certifications & Standards :

- Certified ISO/IEC 27001 : 2022 Lead Auditor, with the capability to lead internal/external ISMS audits and drive continuous improvement.

- Familiar with ISO 27002, ISO 27005, and other supporting standards.

Collaboration & Stakeholder Engagement :

- Strong interpersonal skills to work seamlessly with audit, compliance, business, and technical teams.

- Ability to translate regulatory and security requirements into actionable, business-friendly controls.

Additional Strengths (Good-to-Have) :

- Exposure to other frameworks such as COBIT, PCI-DSS, or HIPAA.

- Strong analytical, reporting, and communication skills.

- Experience in security awareness programs and control remediation.