The Information Risk Management (IRM) program encompasses a global team that is responsible for ensuring all security risks pertaining to business delivery and Client engagements are managed end to end. The team is a business facing team and engages on a frequent basis with business leaders to identify, analyze and mitigate security risks. The team is also the primary touch point between the Corporate Security Group and Business teams, while supporting the Business on Client security requirements and compliance.
We are seeking an Information Risk professional, to be part of Corporate Security Group, and play an integral leadership role in the overall development and management of security and risk in a Client specific engagement for the Business Process Services (BPS) line of business (LoB).
- Strong knowledge of privacy laws, standards, rules and regulations
- Utilize best practice standards such as ISO 27001, SOC, NIST, PCI
- Ensure process adheres to legal & regulatory requirements as applicable to the scope of work.
- Ensure adherence to the Client Contractual Requirements of the Process/ Function.
- Ensure implementation security architecture and strategies inline with the business risk and client expectation on the engagement
- Facilitate regular assessments to identify comprehensive risks, any non-compliance or contractual breaches and encourage continuous improvements.
- Align and integrate the Information Security strategy for the engagement with the business goals
- Monitor and evaluate security measures to protect against reasonably anticipated threats or hazards to the privacy, security or integrity of Client sensitive information for the LoB
- Establish, communicate, and maintain a charter for the security management function for the engagement and BPS LoB
- Provide consolidated risk dashboard to the management and the business unit leaders
- Lead and collaborate directly with the Client’s senior management; delivery, practice development and thought leadership related to Information Security solution development, assessment and implementation
- Demonstrates proven knowledge of system security, controls or information security management environment based on the risks, specifically on the following information security domains:
- Security Architecture and Strategy (Integrated Risk Management)
- Data Leakage Prevention; Focus on Data Flow, Encryption
- Large Complex Program Execution/Implementation
- Security Function Design and Governance
- Incident Management
- Security Infrastructure
- Prepare and implement effective security and compliance training to employees to ensure that any changes in regulations are communicated in a timely manner
- Develop, maintain security management plan for the engagement and provide periodic updates to the management and business leaders on the compliance.
- Develop and monitor security metrics for the engagement.
- Review security exceptions for the engagement and identify risks
- Monitor the risk mitigation plans
- 10+ years of experience in information security, preferably in the BPS Services Sector and outsourcing industry
- Bachelors’ degree in Computer Science or equivalent certification
- Security certifications desired such as CISA, CISSP, CISM, CRISC etc
- In-depth understanding of network and system security technology and practices across all major-computing areas.
- Proficient in providing security advisories, solutions or mitigation approach on the inherent risks
- Experience in understanding and deploying risk management frameworks
- Focused personality, with a demonstrated ability to take initiative, successfully handle and prioritize multiple competing assignments and effectively manage deadlines
- Ability to think strategically; work with a sense of urgency and pay attention to detail.
- Ability to present complex solutions and methods to a general community.
- Ability to interact with all levels of management and high-profile individuals
- Independent thinking, willingness to “step outside the box” and take reasonable, calculated risks.
- Excellent written and verbal communication and organizational skills.
- Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources.
- Experience with working on global teams across time zones, cultures and languages
Employee Status : Full Time Employee
Shift : Day Job
Travel : No
Job Posting : Jan 29 2019
Cognizant US Corporation is an Equal Opportunity Employer Minority/Female/Disability/Veteran. If you require accessibility assistance applying for open positions in the US, please send an email with your request to [email protected]
Cognizant is one of the world’s leading professional services companies, transforming clients’ business, operating and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant, a member of the Nasdaq-100, is ranked 195 on the Fortune 500 and is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com or follow us on Twitter: USJobsCognizant.
Cognizant is recognized as a Military Friendly Employer and is a coalition member of the Veteran Jobs Mission. Our Cognizant Veterans Network assists Veterans in building and growing a career at Cognizant that allows them to leverage the leadership, loyalty, integrity, and commitment to excellence instilled in them through participation in military service.
Click here to apply.