Sr. Mgr Cyber Security Analyst - Services & Customer Projects
Location
Bangalore | India
Job description
v Mission
His mission is :
- to ensure that all third-party involved in Customer Projects and Services Operations activities are duly qualified and meet expectations in terms of cybersecurity requirements and compliance.
Its responsibilities cover all Schneider Customer Projects & Service Business within Energy management Business Unit and its lines of business (hereafter referred to as 'LoB') and departments.
- to ensure Proper application of GCP&SO Vulnerability Management Process , namely communication to Operations teams about vulnerabilities affecting projects and installed base and proper tracking of the containment actions taken by our operations
v Key responsibilities of the role
Application of the security framework defined for Customer projects and services suppliers by : - Assessing, evaluating risks and control environments of the Third-Party Suppliers inline to established standards, policies, and procedures
- Highlighting the risks to Business as an outcome of the assessment
- Updating Leadership team on the High/Critical open findings
- Engaging with suppliers, country and hubs procurement and operations teams for the launch and application of the mitigation measures
- Supporting countries in the implementation of said measures
- Monitoring the progress and providing recommendations for enforcement
- Reviewing & updating documentation for policies, procedures, standards & guidelines.
- Consolidating baseline and supplier identification
- Compiling data reports required for the preparation of internal and execution reports.
- Ensuring consistency of data through the different digital tools
Application of GCP&SO Vulnerability Management Process by : - Gathering documentation about Vulnerabilities, potential impacted applications in GCP&SO, and additional internal actions to be taken
- Informing all Project and Services Operation Leaders & Hub/ zone Leaders (cp Regional Managers) and trace the case
- Ensuring impact assessment are carried out by project and services teams, implementation of the required actions (fix, mitigation, other) depending on project status and customer contract, and updating traceability tool accordingly
- Compiling data reports required for the preparation of internal and execution reports.
- Contribute to process management and continuous improvement
v Main interactions across Business Lines and supporting teams
- This position is integrated in Global Customer Projects & Services Operations (GCP&SO) with a direct report to Cybersecurity Leader, and the above activities will be executed in close collaboration with:
- GCP & Services Operations Procurement and Operations teams in central, regions, hubs, countries
- Cybersecurity transformation initiative leaders
- Cyber champions in countries and hubs
- Third-party program governance team
- Product security Office and Vulnerability management team
GCP&SO quality team
Qualifications v Key skills and requirements
- Strong business acumen and strategic thinking skills to enable understanding of third-party and vulnerabilities risks in context of business activities,
- Demonstrated success in assessing, identifying, and addressing information risks related to third party relationship,
- Ability to adapt to change quickly, work comfortably with ambiguity, and manage multiple tasks successfully,
- Strong commitment to customer service, stakeholder relationships, and high impact communications across all organizational levels,
- Knowledge on Information security ops, data protection, endpoint, server-side security, cloud computing, secure development, vulnerability management
- Strong working knowledge of current workplace productivity and collaboration tools, especially Microsoft Office 365 (including SharePoint, Excel, Planner, Forms, Flow and Teams),
- Ability to work on multiple tasks and manage priorities,
- Ability to build and maintain effective working relationships at all levels,
- Excellent analytical, communication and report writing skills,
- Excellent verbal and written communication skills along with an ability to work effectively with senior management, think conceptually, and interact with others using strong interpersonal, organization and communication
- Influence & convince skills required toward suppliers and internal teams
v Qualifications Required: - 2+ years of relevant audit or risk-related experience in Software Development, IT/OT
- 2+ years application/product security, IT/OT security, and general cybersecurity.
- Prior experience of risk management at a function/business unit level would be an added advantage
- Bachelor's degree or equivalent work experience required
- Collaborative with ability to manage relationships across multiple functional areas
- Extensive knowledge and understanding of Internal controls / assurance review tools and practices
- Excellent English mandatory
Schedule: Full-time
Req: 008QC1
Job tags
Salary