Technical Reviewer Cyber

Job ID:41018
Location:Mumbai: Solitaire Corporate Park  
Position Category:Technical
Position Type:Employee Regular

Who are LRQA?

LRQA stands for dedication to clients, market firsts, and deep expertise in risk management. We’ve grown to become a leading global assurance provider, bringing together outstanding expertise in certification, customised assurance, cybersecurity, inspection and training.

While we’re proud of our heritage, it’s who we are today that really matters, because that’s what shapes who we and our clients can become tomorrow. By staying true to our shared values and combining decades of collective experience, we support our clients in building a safer and more sustainable future.

LRQA currently operates across 150 countries, with 5000+ experts supporting more than 61,000 clients across a diverse range of sectors and markets.

Role Purpose  

• To conduct technical review of client files against defined procedures with some discretion over priorities of workload,
• Produce reports of technical review/support work carried out.

Key responsibilities

• Complete number of technical reviews, per day, as per set target,
• Complete technical reviews of client files within target turnaround time from the visit report upload date
• Technical reviews conducted meet applicable scheme and accreditation requirements.
• Each Technical reviewer to review pending Technical review tasks on a daily basis,
• Technical Reviewers :
• Complete Technical review, for assigned jobs; when required, discuss with other Technical reviewers and pick up files for Technical reviews with a goal to ensure that set KPIs are achieved,
• Upload Technical review findings, raise Assessor feedback, raise Office actions, as appropriate,

• Update raw data collation spreadsheet with visit details and Technical review findings and other necessary details
• Data filing/entry in accordance with defined procedures,
• Deal with queries and build relationships with internal/external clients, as appropriate
• To coach other team members, as appropriate, to achieve effective knowledge transfer and application,
• Conduct assessments, as required, to maintain necessary qualifications,
• Stay abreast of technical developments in own area of expertise, maintaining CPD records and producing them as required
• Conduct all activities in line with internal procedures, contractual requirements, cost structures and budget constraints

Technical / Professional Qualifications / Requirements

• Degree, higher diploma or equivalent appropriate to the knowledge requirements below
• Qualified third-party information security management system lead assessor

Knowledge

• Knowledge of audit principles, practices and techniques - knowledge of generic management systems audit principles, practices and techniques, as specified in respective standard, sufficient to understand a certification audit report.
• Knowledge of specific management system standards/normative documents -knowledge of the management system standard or other normative documents being specified for certification sufficient to make a decision on the basis of a certification audit report.
• Knowledge of LRMS processes - knowledge of a certification body’s processes sufficient to determine if expectations of the LRMS have been fulfilled on the basis of the information submitted for review. • Knowledge of client’s business sector - knowledge of the terminology, practices and processes common to a client’s business sector sufficient to understand an audit report in the context of the management system standard or other normative document.
• Familiar with the controls and processes relating to the information technology industry, such as
  • National, International, Local and regional legislative requirements regulations, specifications and codes of practice.
  • Design, manufacture, inspection and testing processes for the information technology industry
  • General understanding of software development (i.e project management, development life cycles, coding verification and testing techniques and configuration management)
  • General understanding of computer operational processes (i.e help desk and service management including monitoring and performance measurement, change and release management, bureaux operations).

A general understanding of issues affecting the information security sector, as below

• configuration management
• backup and restoration procedures
• hardware platforms and industry structure (on-site, hosting, cloud based (e.g. IaaS, PaaS))
• licensing requirements
• disaster recovery / business continuity
• data integrity techniques
• system integration
• facilities management
• data security / virus control
• EDI / electronic commerce
• File storage technologies (e.g. clustering)
• Server management technologies (e.g. physical, virtual).

Legislation / regulations / standards

• Should be aware of relevant requirements such as:
• Data Protection Acts
• Computer Misuse Acts
• Software copyright legislation
• Investigatory powers Acts
• Information security management (for example, ISO/IEC 27001) • Sector specific (e.g. finance, healthcare or  government)

Work Experience

• Around 2 to 4 years of industry experience exposing to the specific knowledge requirements and information security management system experience.

Diversity and Inclusion at LRQA:

We are on a mission to be the place where we all want to work and we are passionate about embracing different perspectives because we understand the value this brings to our business, our clients and each other. We are all about creating a safer and more sustainable future and our inclusive culture is right at the heart of our business.

Together our employees make our communities better and we want you to be part of our diverse team!

LRQA is a leading global assurance provider.  The integrity and expertise we bring to our partnership with clients support their journey to a safer, more secure and more sustainable future. (Group entities).

Copyright © LRQA 2021. All rights reserved. Terms of use.  Privacy Policy.