Job Title: Information Risk Manager
Reference number: 35232
Location: London
Salary: £57,000-£67,000
Advert posting: 16/06/2020
Advert expiry: 13/07/2020

Information Risk Management (IRM) is a global team that is responsible for ensuring all security risks pertaining to business delivery and Client engagements are managed end to end. The team engages on a frequent basis with business leaders to identify, analyze and mitigate security risks. The team is also the primary touch point between the Corporate Security Group and Business teams, while supporting the business on Client security requirements and compliance.

We are currently searching for an Information Risk Manager. The role will be part of the Corporate Security Group and will facilitate security requirements for Cognizant offices and its clients.

Responsibilities:
• Manage security and compliance risks in service delivery for key verticals and communicate with Business teams to understand all critical security requirements and risk scenarios.
• Engage in the IRM program for the key accounts: identify and evaluate risks; understand business context and prepare reports and recommendations.
• Coordinate with the Incident management team during incidents and support investigation of security breaches.
• Perform annual Security Risk assessments and conduct related ongoing compliance monitoring activities in coordination with the Privacy Officer and Legal Team members.
• Manage the External ISO 27001 audit and coordination with auditors: plan out audit schedule and charter for corporate functions and coordinate with all internal stakeholders towards preparation.
• Assess, prepare and ensure all IT systems, policies and procedures fully comply with Cognizant ISO 27001 SoA, security laws, rules and regulations.
• Engage with different stakeholders: external auditors, customer visitors, business leaders and corporate teams, such as HR, legal, IT, etc.
• Conduct reviews to assess the service delivery control environment and evaluate adherence to client identified contractual requirements, Cognizant policies and standards.
• PCI-DSS related activities including the identification of compliance gaps, the development of remediation plans, scan, PCI certification, documentation, monitoring compliance status, and ultimate attestation of compliance.
• Support the business team during deal pursuit.

Requirements:
• Educated to Bachelor's degree in Computer Science or relevant field.
• Proven experience in information security and risk management field, especially with Technology Risk Management / IT Audit and Security Governance in enterprise organizations.
• Cloud Security experience with multiple Cloud service providers such as: AWS, Google Cloud, Microsoft Azure.
• Experience in implementing DevSecOps model for all major application stacks in CI/CD pipeline staging Jenkins, GitHub Runner & cloud service pipeline using Clair API, SonarQube, Aqua, OWASP etc.
• Experience in GDPR and PCI-DSS compliance audit.
• Relevant certifications such as CCSK, CISA or CISM etc.
• Conducting third party risk assessment for SaaS, PaaS and IaaS solutions.
• Strong experience in understanding and deploying risk management and security frameworks such as NIST, ISF and ISO.
• In-depth understanding of network and system security technology and practices across all major computing areas (Network, firewalls, client/server, PC/LAN, telephony) with a special emphasis on Internet related technology.
• Understanding of DLP and eDiscovery tools as well as mapping Data Flows and processes.
• ISO 27001 Certification - implementation of ISMS and lead auditor qualification.
• Ability to present complex solutions to clients and business leaders.
• Excellent written and verbal communication and organizational skills.

About Cognizant: Cognizant (Nasdaq-100: CTSH) is one of the world's leading professional services companies, transforming clients' business, operating and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant is ranked 195 on the Fortune 500 and is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com or follow us @Cognizant.