Genpact
Location
Gurgaon | India
Job description
Manager - Cyber Risk - BFS033365
With a startup spirit and 115,000 + curious and courageous minds, we have the expertise to go deep with the world’s biggest brands—and we have fun doing it! We dream in digital, dare in reality, and reinvent the ways companies work to make an impact far bigger than just our bottom line. We’re harnessing the power of technology and humanity to create meaningful transformation that moves us forward in our pursuit of a world that works better for people.
Now, we’re calling upon the thinkers and doers, those with a natural curiosity and a hunger to keep learning, keep growing. People who thrive on fearlessly experimenting, seizing opportunities, and pushing boundaries to turn our vision into reality. And as you help us create a better world, we will help you build your own intellectual firepower.
Welcome to the relentless pursuit of better.
Inviting applications for the role of Manager, Cyber Risk.
In this role, you will be responsible for Perform risk assessments of Client applications based on Confidentiality, Integrity and availability risk assessment parameters.
The purpose of the role is to help the organization in developing, implementing and performing in-depth assessment of Client’s domains and applications to determine compliance with Confidentiality, Integrity and Availability Triad.
Responsibilities:
Risk Assessment
· Manage Risk Assessment of internal processes and develop risk and control matrix in line with COBIT, ISO, NIST and ITIL Best Practice and recommendations.
· Hands on experience or understanding the current trends in the Cyber and Technology areas.
· Assessment of security findings, vulnerabilities, and control gaps/deviations identified on applications and infrastructure.
Control Monitoring / Testing
· Understanding the client’s company's policies and procedures and the different Industry Standards like NIST, PCI, ISO27001, COBIT.
· Review the controls of different Cyber and Technology Process and test the design and operational effectiveness of the controls.
· Follow up with First Line of Defense (Business Team) or process owners or the control owners for the remediation of the issues identified until the issue closure. Upon remediation the evidence should be validated and recorded.
Review and develop the automated Cybersecurity control monitoring steps to monitor the control effectiveness on a regular basis.
Qualifications we seek in you
Minimum qualifications –
Several years of Hands-on experience in Cyber / Technology areas.
· Knowledge of infrastructure components and infrastructure architecture (servers, storage, networking)
· Knowledge of OS, virtualization, containers, and other application hosting models
· Knowledge of highly- available and highly secure application development, deployment, and support
· Ability to identify the confidentiality, integrity and the availability related deficiencies in the Client environment against industry standards, Client specific risk parameters, and calculate appropriate inherent and residual risk for applications or infrastructure.
· Previous audit or risk assessment skills are preferred as this effort will involve in-depth analysis with domain owner SMEs
· Simultaneous assessment of control and identifying the controls which can be automated on the analytics platform to monitor the operational effectiveness on the regular basis (Simultaneous construction of control assessment and reporting that will mirror the in-depth risk assessment and be constructed in the Risk & Control Automated Monitoring data analytics platform)
· Knowledge of SQL, testing, and test documentation
· Previous UAT experience, and SDLC knowledge
· Cybersecurity/Technology risk assessment, NIST 800-53, PCI, ISO27001.
Job tags
Salary