Security & Compliance 5 to 12 Years Bangalore - Bengaluru, India - Capgemini Invent
Description
The Security & Compliance (S&C) Competency Centre (CC) Analyst is responsible for supporting the following:- Risk Management and Mitigation
- Assess and classify all potential business and infrastructure information risks.
- Develop and socialize our overall risk profile and action plans to mitigate risks
- Review and recommend approval project charters.
- Facilitate smooth conduct of Risk Assessment (including Legal & Regulatory) on Applications, Network& Systems
- Perform end to end Security Assessment on vendor offerings
- New/Leveraging existing (SAAS / PAAS/IAAS) services including integration with Shell environment.
- Translate Technical, legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provides the respective stakeholders with the IRM requirements and its implementation methodologies.
- Actively participate in S&C team and community meetings, representing S&C and Business interests in other CC forums.
- Support during Internal /External Audit
- Ensure that S&C continues to focus on risks significant to the Business, with emphasis on innovation.
- Controls Management and Optimization
- Ensure controls are both riskdriven and based on industry standards
- Review and approve the control design of supplier and Shell technical specifications against Shells control requirements, as agreed contractually, during PDF project.
- Support the development of new IRM policies, tooling, procedures where required
Primary Skills:
Experience and security certification required
- 5+ years of experience in Information security and Compliance, risk management and control design
- Advanced understanding of internal and external IT security standards, ITGC, PCI, GDPR, SOC2/1, ISO27001 standards and relevant legal compliance aspects.
- Good understanding of cloud security requirements and thirdparty control assurance.
- Ability to interface with different groups (Third parties, Business and IT) internal and external to IT (security) and to network globally across Group businesses, as well as with external groups.
- Technical knowledge & relevant experience in security domains /technologies.
- Translate Technical, legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provides the respective stakeholders with the IRM requirements and its implementation methodologies.
- Conduct Risk Assessment on Applications, Network & Systems including vendor managed environment
- A certification in CISSP, CISA, CRISC, CISM, ISO 27001 LA/LI is must.
- Advanced understanding of security standards, ITGC, PCI, GDPR, SOC2/1, ISO27001 and Technical knowledge & relevant experience in security domains /technologies.
- Conduct Risk Assessment on Applications, Network & Systems including vendor managed environment
- Any one of the following certification is must: CISSP, CISA, CRISC, CISM, ISO 27001 LA/LI
Secondary Skills:
- Display excellent communicating and influencing skills
- Display analytical and problem solving skills
- Be proactive and selfmotivated
- Display strong interpersonal and negotiating skills with all levels of staff.
- Display Ability and eagerness to quickly learn new technologies.
More jobs from Capgemini Invent
-
Jda Scpo 3 to 9 Years Bangalore
Mumbai, India - 2 weeks ago
-
Supply Chain Optimization 7 to 12 Years Pan India
Gurgaon, India - 2 weeks ago
-
People Analytics workday 6 to 12 Years Mumbai, Pune
Mumbai, Maharashtra, India - 2 weeks ago
-
Data Privacy 6 to 12 Years Bengaluru
Mumbai, India - 3 weeks ago
-
Blueyonder WMS 7 to 13 Years Pan India
Bengaluru, India - 2 weeks ago
-
SAP Ewm 6 to 8 Years Pan India
Mumbai, India - 2 weeks ago