Security & Compliance 5 to 12 Years Bangalore - Bengaluru, India - Capgemini Invent

Capgemini Invent
Capgemini Invent
Verified Company
Bengaluru, India

3 weeks ago

Deepika Kaur

Posted by:

Deepika Kaur

beBee Recuiter
Description
The Security & Compliance (S&C) Competency Centre (CC) Analyst is responsible for supporting the following:

  • Risk Management and Mitigation
  • Assess and classify all potential business and infrastructure information risks.
  • Develop and socialize our overall risk profile and action plans to mitigate risks
  • Review and recommend approval project charters.
  • Facilitate smooth conduct of Risk Assessment (including Legal & Regulatory) on Applications, Network& Systems
  • Perform end to end Security Assessment on vendor offerings
  • New/Leveraging existing (SAAS / PAAS/IAAS) services including integration with Shell environment.
  • Translate Technical, legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provides the respective stakeholders with the IRM requirements and its implementation methodologies.
Support in development of tooling to support IRM processes and ensuring this is fit for purpose.

  • Actively participate in S&C team and community meetings, representing S&C and Business interests in other CC forums.
  • Support during Internal /External Audit
  • Ensure that S&C continues to focus on risks significant to the Business, with emphasis on innovation.
  • Controls Management and Optimization
  • Ensure controls are both riskdriven and based on industry standards
  • Review and approve the control design of supplier and Shell technical specifications against Shells control requirements, as agreed contractually, during PDF project.
  • Support the development of new IRM policies, tooling, procedures where required

Primary Skills:


Experience and security certification required

  • 5+ years of experience in Information security and Compliance, risk management and control design
  • Advanced understanding of internal and external IT security standards, ITGC, PCI, GDPR, SOC2/1, ISO27001 standards and relevant legal compliance aspects.
  • Good understanding of cloud security requirements and thirdparty control assurance.
  • Ability to interface with different groups (Third parties, Business and IT) internal and external to IT (security) and to network globally across Group businesses, as well as with external groups.
  • Technical knowledge & relevant experience in security domains /technologies.
  • Translate Technical, legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provides the respective stakeholders with the IRM requirements and its implementation methodologies.
  • Conduct Risk Assessment on Applications, Network & Systems including vendor managed environment
  • A certification in CISSP, CISA, CRISC, CISM, ISO 27001 LA/LI is must.
  • Advanced understanding of security standards, ITGC, PCI, GDPR, SOC2/1, ISO27001 and Technical knowledge & relevant experience in security domains /technologies.
  • Conduct Risk Assessment on Applications, Network & Systems including vendor managed environment
, SAAS, PAAS, IAAS etc.

  • Any one of the following certification is must: CISSP, CISA, CRISC, CISM, ISO 27001 LA/LI

Secondary Skills:


  • Display excellent communicating and influencing skills
  • Display analytical and problem solving skills
  • Be proactive and selfmotivated
  • Display strong interpersonal and negotiating skills with all levels of staff.
  • Display Ability and eagerness to quickly learn new technologies.
More jobs from Capgemini Invent
See all jobs of Capgemini Invent