Manager - Cyber Security Assurance

Job Description

Manager Cyber Security AssuranceIn this role, you shall be responsible to translate business requirement into a secure solution. Identify Contractual Risk, Security Risk, and Technology Risk and recommend Risk mitigants. Maintain compliance to Regulatory and Industry Security standards for the organization. The candidate will help drive continuous improvement of information security related processes and meet customer security commitments. Candidate will own the process of attaining security certifications as applicable and maintain security posture as defined by Genpact & Genpact clients. Candidate will be primary point of contact for information security governance for specific initiatives and work with global teams in various functions to ensure that Info Security contract requirement, policies and client security requirements are implemented uniformly. ResponsibilitiesResponsible for Client Response (RFx). Responsible for translating business requirements into a secure solution. Responsible for solution change governance. Ability to interact with senior stakeholders as well as other functions across a global organization. Ability to interact and work with client stakeholders in communicating and understanding specific requirements. Be the primary Client Security Officer for key clients. Administer information security reviews in Genpact client environments Be able to discuss, talk through and represent organizational perspective with respect to Genpact Information Security in governance and other meetings with clients. Ability to make an impact, influence and achieve results with effective negotiation, problem-solving and communication skills Strong facilitation skills with an ability to respond to immediate and urgent requests while juggling conflicting priorities. Should be able to work in high pressure environment when required. Work with other groups in Information Security and other Technology functions in ensuring seamless integration with security and other processes Own the process of preparation of management dashboards outlining information security compliance measurements against established baseline Conceptualize and drive implementation of a comprehensive security framework as part of new initiatives Monitor changes in relevant regulations and accreditation / certification standards affecting information security and make recommendations to the CISO and internal stakeholders on the need for policy changes. Responsible for information dissemination on Information Security policy, Procedures, Best practices etc. within the specific clients / lines of businesses Reviewing the Master Service agreements, SOWs, DTA s and other contractual documents for existing & new clients. Also reviewing IT architecture/Solutions proposed for deals and identify inherent risks in the proposed IT solutions and suggest appropriate safeguards. Identify opportunities for improvement of the complete RFX process. Articulate contractual risks and work with senior management to mitigate the sameQualifications we seek in you Minimum qualifications Graduate in Engineering or Technology or Science. Experience of client life cycle RFx, Contracts, Solutions and Governance. Work experience on Solutions for Business operations, Technology Services and Digital. Professional certifications such as CISSP, CISA / ISO27001 LA etc. are preferable (though not mandatory) Experience in Information Security / IT compliance / Systems Audit/Contract Management Relevant experience as per the Position Summary Must have worked with a reputed consulting organization or IT Services Organization. Experience in external / client facing roles Should have been extensively involved in process reviews with respect to identifying risk and testing of controls. Sound knowledge of Risk management with an ability to talk to process owners, identify potential risks within organizational context, and work with stakeholders in recommending and implementing mitigating controls. Experienced at collating and preparing information security and compliance metrics for management consumption. Excellent verbal and written communication skills.Preferred qualificationsUnderstanding of industry and regulatory governing bodies standards such as PCI-DSS, SOX, ISO 27001:2013 etc. and other relevant Regulatory guidelines, Data Privacy Laws etc. Understanding of regulatory / industry requirements across different verticals like BFSI, Healthcare, Pharma etc.,

Keyskills :
high pressure environmentinformation security governancepci dssiso 27001life cycleit servicesdata privacyglobal teamsit compliance