Hyderabad Jobs |
Banglore Jobs |
Chennai Jobs |
Delhi Jobs |
Ahmedabad Jobs |
Mumbai Jobs |
Pune Jobs |
Vijayawada Jobs |
Gurgaon Jobs |
Noida Jobs |
Hyderabad Jobs |
Banglore Jobs |
Chennai Jobs |
Delhi Jobs |
Ahmedabad Jobs |
Mumbai Jobs |
Pune Jobs |
Vijayawada Jobs |
Gurgaon Jobs |
Noida Jobs |
Oil & Gas Jobs |
Banking Jobs |
Construction Jobs |
Top Management Jobs |
IT - Software Jobs |
Medical Healthcare Jobs |
Purchase / Logistics Jobs |
Sales |
Ajax Jobs |
Designing Jobs |
ASP .NET Jobs |
Java Jobs |
MySQL Jobs |
Sap hr Jobs |
Software Testing Jobs |
Html Jobs |
Job Location | Bangalore |
Education | Not Mentioned |
Salary | Not Disclosed |
Industry | NBFC ( Non Banking Financial Services ) |
Functional Area | Sales / BD,Finance / Accounts / Tax |
EmploymentType | Full-time |
Summary of role:
The Cybersecurity Technology Risk Consultant will provide informationsecurity guidance and enforcement of CS&A guidelines to internal andexternal organizations (i.e., IT delivery, Business functions, and Third-party vendors.).He/she will perform Vendor Cybersecurity Risk Assessments, identify gaps anddefine a remediation plan. He/she will work alongside the Business InformationSecurity Officer/s (BISOs) and assist them in evaluating cybersecurity needs ofkey stakeholders/Business partners and help to find solutions to issues relatedto cybersecurity risk.
These efforts will focus, and include but not limited to, dataprotection risk/threats to Kimberly-Clark IT Infrastructure, Mergers &Acquisitions (M&A), Emerging Technologies (Cloud, BYOD), Secure SupplyChain & Third-Party Vendor Risk; to include information security compliance(HIPAA, SOX, PCI).
The ideal candidate will need to be able to handle technicalescalations and represent the organization in technically, politically, orchallenging engagements. Facilitate team operations and ongoing execution ofwork activity. Backup all teammates in all engagements as necessary/warranted. Responsibilities:
Partner with the CISO/BISO organization, Strategy, Operations and Engineering,and IT Business Partners to understand the Kimberly-Clark business and helpminimize cybersecurity risks with existing solutions and new initiatives
Work closely with IT Business Partners and Enterprise Architectsin designing system solutions following a risk-based approach and ensure thesolution is aligned with internal controls and security policies
Support and facilitate the IT cybersecurity vendor risk assessmentprocess, driving automation and improvement with third-party risk evaluation toaid in efficiency with identifying risk
Develop criticality levels for third-party vendors following astandard risk-based approach
Support stakeholders with remediation of risk, gaps or issues identifiedduring the vendor cyber security risk assessment that exceeds the risktolerance of the company
Collaborate with the Sales, Marketing, Supply Chain, HR, Legal andFinance organization to evaluate third-party vendor cybersecurity risks andprovide guidance for remediation
Ability to develop technical white papers and best practiceguidelines to achieve consistency with applying and enforcing security policy
Provide assistance with Threat Modeling, Penetration Testing, SDL,Code Security Reviews and Cloud security reviews
Collaborate with Kimberly-Clark Legal team to understand global dataprivacy/protection requirements
Maintain a broad understanding of compliance across applicationsand networks for PCI, HIPAA, PII, and SOX
Qualifications:
Bachelor s degree required, preferably in computer science orinformation systems
6 years of Information Security, with a background in cybersecurityand compliance experience
Experience working in Agile or Waterfall methodology and anunderstanding of phased approaches to the Software Development Life Cycle
Ability to communicate clearly and effectively with bothtechnology/development and business partners; strong technical communicationskills, both written and verbal; ability to explain technical security conceptsto stakeholders in non-technical business language
Experienceworking in a matrix model, as the technology risk consulting team supportsoperational and transformational efforts globally across Kimberly-Clark
Service levelmanagement experience
Knowledge andexperience of Information Security Risk and Security governance
Preferred qualifications:
While experience in several IT disciplines may provide a solidframework for this position, hands-on results from performing IT riskassessments, information security consulting or IT audits are most beneficial
Experience in the following regulations and frameworks: PCI, ISO 27001/2,SOC/SSAE 18, HIPAA, GLBA, NIST 800
Security certifications such as CISSP, CISM, CEH, CISA, etc. are aplus.
,Keyskills :
mislife cyclesalesbankingit deliverymusic makingrisk consultingit auditsoftware development life cycleaccountstatcyber securitycloud securitytechnology risksupply chainiso 27001risk assessmentinformation security consultingwhite papers