Genpact
Location
Gurgaon | India
Job description
Director, Technology / Cyber Risk - BFS033386
With a startup spirit and 115,000 + curious and courageous minds, we have the expertise to go deep with the world’s biggest brands—and we have fun doing it! We dream in digital, dare in reality, and reinvent the ways companies work to make an impact far bigger than just our bottom line. We’re harnessing the power of technology and humanity to create meaningful transformation that moves us forward in our pursuit of a world that works better for people.
Now, we’re calling upon the thinkers and doers, those with a natural curiosity and a hunger to keep learning, keep growing. People who thrive on fearlessly experimenting, seizing opportunities, and pushing boundaries to turn our vision into reality. And as you help us create a better world, we will help you build your own intellectual firepower.
Welcome to the relentless pursuit of better.
In this role, you will be responsible for Perform risk assessments of Client applications based on Confidentiality, Integrity and availability risk assessment parameters.
The purpose of the role is to help the organization in developing, implementing and performing in-depth assessment of Client’s domains and applications to determine compliance with Confidentiality, Integrity and Availability Triad.
Responsibilities:
Risk Assessment
· Manage Risk Assessment of internal processes and develop risk and control matrix in line with COBIT, ISO, NIST and ITIL Best Practice and recommendations.
· Hands on experience or understanding the current trends in the Cyber and Technology areas.
· Assessment of security findings, vulnerabilities, and control gaps/deviations identified on applications and infrastructure.
Control Monitoring / Testing
· Understanding the client’s company's policies and procedures and the different Industry Standards like PCI, ISO27001.
· Review the controls of different Cyber and Technology Process and test the design and operational effectiveness of the controls.
Review and develop the automated Tech / Cybersecurity control monitoring steps to monitor the control effectiveness on a regular basis.
Control Automation
Perform simultaneous assessment of control and identifying controls which can be automated on the analytics platform to monitor the operational effectiveness on the regular basis.
Defect / Gap Identification
· Identify the confidentiality, integrity and the availability related deficiencies in the Client environment against industry standards, Client specific risk parameters, and calculate appropriate inherent and residual risk for applications or infrastructure.
Client Management / Issue tracking and closure
· Maintain effective business relationships with key members of management
· Follow up with First Line of Defense (Business Team) or process owners or the control owners for the remediation of the issues identified until the issue closure.
· Complete audits on time by developing comprehensive testing and resource plans ensuring timely completion of assigned tasks.
Qualifications we seek in you
Minimum qualifications
Several years of Hands-on experience in Cyber / Technology areas.
· Knowledge of infrastructure components and infrastructure architecture (servers, storage, networking)
· Knowledge of OS, virtualization, containers, and other application hosting models
· Knowledge of highly- available and highly secure application development, deployment, and support
· Previous audit or risk assessment skills are preferred as this effort will involve in-depth analysis with domain owner SMEs
· Knowledge of SQL, testing, and test documentation
· Previous UAT experience, and SDLC knowledge
· Cybersecurity/Technology risk assessment, NIST 800-53, PCI, ISO27001.
Job tags
Salary
