Proficio is an award-winning (MDR) services provider. We provide 24/7 security monitoring, investigation, alerting and response services to organizations in healthcare, financial services, manufacturing, retail and other industries. Take a of our global network of 24/7 Security Operations Centers (SOCs).
Proficio has been highlighted in Gartner’s Market Guide for Managed Detection and Response Services for the last five consecutive years. MSSP Alert ranks Proficio among the top 250 global Managed Security Services Providers (MSSPs).
We have a track record of innovation. Proficio invented the concept of . We were the first MSSP to provide automated response services and are the only company in our space with a patent for cyber risk scoring and security posture gap analysis.
Our typical client is a medium to large-sized organization that lacks the in-house resources to address the challenges of a rapidly changing threat landscape. The difficulty of hiring and retaining cybersecurity professionals are widely understood. Our prospective clients are also challenged to effectively harness technology and build hardened processes that reduce the risk of security breaches.
While Proficio has developed a unified service delivery platform designed to meet the needs of the most demanding clients, what sets us apart is the quality and passion of our people. We believe the SOC of the Future will meld the creativity of human intelligence with the power of advanced technologies like AI.
Proficio’s commitment to developing and promoting our team members is unparalleled in our industry. Most of our senior managers were promoted from within.
Proficio is working with an APAC customer to hire a dedicated resource for their Manager Information Risk Management and Audit role on a remote-work from India basis. This role will be responsible for the development and overall management of the Information Risk Management and Audit function. The Manager, Information Risk Management & Audit is primarily responsible for developing, implementing, and maintaining a sustainable internal and external information risk management and audit program across our customer's organization.
Information Risk, Compliance and Audit
- Working closely with internal and external stakeholders, implement, manage and continuously improve a sustainable internal audit program to monitor compliance with any adopted information security and privacy frameworks and standards such as Fedramp, NIST, ISO/IEC 27001, ISO 27701, SOC 2 and PCI DSS
- Achieve ISO 27001 for the organization by implementing and ISMS that identifies, evaluates and appropriately manage internal and third-party security and privacy risks
- Provide accurate, insightful and timely reporting to key stakeholders to enable appropriate and effective decision making and prioritization of risk treatment across the organization,
- Support and influence risk owners to remediate risk effectively in accordance with the organizational risk appetite and tolerance
- Maintain contemporaneous and accurate records of existing and emerging risks
- Keep up to date with regulatory, client and other compliance requirements and adjust the risk management and audit programs accordingly when required
- Advise leadership, Data Protection Officers and other internal stakeholders on information risk introduced due to lack or failure of internal controls or new development in compliance requirements
- Recommend and assist with the implementation of changes in policies to reduce the critical and high risks identified in risk assessment. Recommend physical, administrative and technical organizational measures to manage security and privacy risks
- Regularly review and update the risk management policy and risk register
- Provide expert opinion on risk management and stay updated on various security and privacy risk management best practices
Cross Functional Coordination
- Coordinate with the business lines and supporting functions IT, Privacy, Legal, and HR. In particular, cooperate cross-functionally with group business applications, product engineering, program management, IT infrastructure and operations.
- Opportunity to work in a progressive organization with structured training and roadmap for success
- Health benefits, lunches, gym reimbursement, and internet funding for our India staff!
- Experience in one of the hottest IT industries today
Proficio is an EOE employer.
Proficio collects certain personal information upon your submission of an application for an open position. More information is available about your consumer rights and our privacy policy at
What We Do
Proficio is a world-class Managed Security Service Provider (MSSP) providing managed detection and response solutions, 24×7 security monitoring and advanced data breach prevention services to organizations globally.
Our rapid growth is being fueled by the rise in cloud-based services, the acceptance of the Software-as-a-Service (SaaS) model, and the increasing number of cyber security attacks on businesses, hospitals and government. We have developed proprietary security content and threat intelligence tools to identify and proactively defend against advanced attacks and insider threats. Proficio’s founders are veterans of the security and networking industry who have helped guide multiple companies to successful exits.
Proficio’s customers benefit from the most advanced security monitoring and 24×7 managed security services that until recently were outside the budget of all but the very largest enterprises. Proficio’s ProSOC service offerings include the following:
• 24×7 security event monitoring, alerting, and remediation
• Advanced SIEM correlation analysis
• Protection against complex attacks and insider threats
• Actionable intelligence that enables internal IT teams to effectively and quickly resolve issues
• Threat Intelligence
• Active Defense that blocks targeted attacks in real time 24×7
• Worry-free compliance audits for: PCI, HIPAA, SOX, GLBA, FFIEC, NERC CIP, and FISMA regulations
• Visibility to event logs with easy-to-use web portal, powerful reporting, dashboards, and drill-down analytics
• Full management of security devices including patching, health and performance monitoring, and tuning
• Free 12 month log retention
• Out-of-the-box support for 400+ log sources
• Scalable cloud-based deployment – fast implementation and no software or hardware purchases
• Advanced scanning eliminating vulnerabilities before they can be exploited
.png)
