Cybersecurity Controls Analyst - Mumbai, India - Abbott

    Abbott
    Abbott Mumbai, India

    2 weeks ago

    Default job background
    Description

    Core Job Responsibilities:

  • Provide Cybersecurity Controls Assessment / Monitoring support for the BTS IT organization.
  • Evaluate scope of planned testing activities for assigned assessments and align with integrated controls framework.
  • Support all phases of controls assessments of IT systems from preparation to discussion of any identified deficiencies and remediation monitoring support.
  • Develop and support programs such as Continous Controls Monitoring (CCM), Online Commerce Assessment, IT Controls Remediation Monitoring.
  • Establish and maintain productive relationships with all Cybersecurity and IT stakeholders including external partners.
  • Champion change, innovation, and process thinking.
  • Identify and execute on need for update and/or improvement to the integrated controls framework based on monitoring trends and/or control environment changes Risk Evaluation and Remediation.
  • Evaluate and prioritize remediation activities and execute risk acceptance process where appropriate - Practices appropriate risk-based root cause analysis methodology that considers the organization's strategic direction and priorities.
  • Advise on rollout and management of Cybersecurity Controls Assessment initiatives and support associate strategy in enterprise initiatives as a representative of Enterprise Cybersecurity Group.

    • Position Accountability/Scope:

    The position is responsible for providing guidance and support for Cybersecurity Controls Management to both business and IT control owners.

    Minimum Education:

    Bachelors Degree (preferably in Computer Science or Information Technology) or equivalent plus 4+ years of related work experience with IT general controls, data privacy and audit support, or an equivalent combination of education and work experience.

    Minimum Experience/Training Required:

  • Strong analytical skills and the ability to organize work in a logical, thorough and succinct manner.
  • Highly self-motivated, goal orientated, and self-directed
  • Good understanding of Cybersecurity Standards, SOX, General IT Controls, PCIDSS, Operations Technology and Data Privacy Regulations. Previous auditor experience preferred.
  • Familiarity with GRC Tools such as Archer will be preferred.
  • CISSP / CISA or similar certification preferred but not essential.
  • Good understanding of IT systems and controls including: ERPs, Web systems, e-commerce, data centres, network infrastructure, patching, access controls, databases, CRM, cloud systems etc.
  • Familiarity with risk management principles, regulatory requirements and, industry best practices.
  • Flexibility to adapt to changing assignments and ability to effectively prioritize
  • Excellent ability to communicate effectively, both verbally and in writing to all levels of management
  • Ability to express a point of view, and advise on risk and control considerations