Manager - Assurance Manager

Job Description

Inviting applications for the role of Manager -Assurance Manager In this role, you will help drive continuous improvement of information security related processes and meet customer security commitments. You will own the process of attaining security certifications as applicable and maintain security posture as defined by Genpact & Genpact clients. You will be primary point of contact for information security governance for specific initiatives and work with global teams in various functions to ensure that Info Security contract requirement, policies and client security requirements are implemented uniformly. Responsibilities
• Works with Digital Functional teams to understand and work through Digital/AppSec Risks in technology implementations of Digital Platforms, AI/ML or RPAs
• Ensuring alignment of regional IT (Issue Type) and privacy requirements with that of global and ensuring relevant cybersecurity and privacy laws are factored in
• Basic understanding of application security scanning tools required example Fortify, Veracode, IBM Appscan source, IBM Rational AppScan, Burp Suite, CheckMarx, WebInspect etc.
• Understanding of technical information security concepts
• Basic understanding of Data security, AWS, Azure Sales Force Cloud security concepts
• Knowledge of cybersecurity concepts (threats, vulnerabilities, risk, confidentiality, integrity, availability, cryptography, network/application security, web security, etc.)
• Should have familiarity with security standards, and should have experience with ISO 27001, PCI DSS, NIST etc.
• Maintain compliance with Regulatory and Industry Security standards for the organization
• Administer information security reviews in Genpact client environments
• Be able to discuss, talk through and represent organizational perspective with respect to Genpact Information Security in governance and other meetings with clients.
• Work with other groups in Information Security and other Technology functions in ensuring seamless integration with security and other processes
• Own the process of preparation of management dashboards outlining information security compliance measurements against established baseline
• Monitor changes in relevant regulations and accreditation / certification standards affecting information security and make recommendations to the CISO and internal stakeholders on the need for policy changes.
• Responsible for information dissemination on Information Security policy, Procedures, Best practices within the specific clients / lines of businesses
• Reviewing the Master Service agreements, SOWs, DTA s and other contractual documents for existing & new clients. Also reviewing IT architecture/Solutions proposed for deals and identify inherent risks in the proposed IT solutions and suggest appropriate safeguards.
• Articulate contractual risks and work with senior management to mitigate the same
Qualifications we seek in you Minimum qualifications
• Professional certifications such as CISA / ISO27001 LA and similar International Certification are preferable (though not mandatory)
• Must have overall experience in Information Security / IT compliance / Systems Audit/Contract Management
• Must have relevant experience as per the Position Summary
• Must have worked with a reputed consulting organization or IT Services Organization.
• Experience in external / client facing roles
• Should have been extensively involved in process reviews with respect to identifying risk and testing of controls
• Sound knowledge of Risk management with an ability to talk to process owners, identify potential risks within organizational context, and work with stakeholders in recommending and implementing mitigating controls
• Experienced at collating and preparing information security and compliance metrics for management consumption
• Excellent verbal and written communication skills
• Ability to interact with senior stakeholders as well as other functions across a global organization
• Ability to interact and work with client stakeholders in communicating and understanding specific requirements. Be the primary Client Security Officer for key clients.
• Ability to make an impact, influence and achieve results with effective negotiation, problem-solving and communication skills
• Strong facilitation skills with an ability to respond to immediate and urgent requests while juggling conflicting priorities. Should be able to work in high pressure environment when required.
Preferred qualifications Understanding of industry and regulatory governing bodies standards such as PCI-DSS, SOX, ISO 27001:2013 etc. and other relevant Regulatory guidelines, Data Privacy Laws etc. Understanding of regulatory / industry requirements across different verticals like BFSI, Healthcare, Pharma etc.,

Keyskills :
high pressure environmentinformation security governancepci dssiso 27001burp suiteit servicesdata privacyibm rationalglobal teams