Job Description:

Position Description

This role will work in the integration phase of Cognizant’s acquisitions to ensure adherence to Cognizant’s corporate security policies, procedures, baselines and guidelines. The role will involve working in collaboration with IT teams as well as Corporate Development and Business unit teams.

Team members work with cross functional teams, reference internal resources and generate solutions for our clients. All team members must be dedicated to our values including transparency, passion, empowerment, collaboration, customer focus, and integrity.

 

 

 

Role/Functions

·         Manage security and compliance risks in Cognizant’s acquisitions infrastructure environment and communicate with IT and Business teams to understand all critical security requirements and risk scenarios

·         Coordinate with Incident management team during incidents and support investigation of security breaches

·         Assess, prepare and ensure all IT systems, policies and procedures fully comply with Cognizant ISO 27001 SoA, security laws, rules and regulations

·         Conduct reviews to assess the service delivery control environment and evaluate adherence to client identified contractual requirements, Cognizant policies and standards

·         Understand goals, strategy and objectives and deliver analytic solutions

·         Create and deliver insightful information in an understandable format

·         Leverage internal resources to meet objectives and deadlines

·         A focus on using metrics with proper risk management practices

·         Visionary mindset to continue the evolution and maturity within the security metrics program

·         Ability to work with other members of team

Requirements

·         Bachelor’s degree in computer science, engineering, analytics or equivalent experience; Master’s preferred

·         5 years minimum information security experience

·         Security certifications such as ISO 27001 LA, CISA, CISSP preferred

·         Strong knowledge on ISO 27001 standards, SSAE 18/ISAE 3402, GDPR and EU Data Protection directive, rules and regulations.

·         Understanding of security data from platforms including to vulnerability management, data loss prevention, security event managers, security intel services, cloud service providers, identify access management systems, endpoint protection systems, etc.

·         Strong analytical skills with the ability to collect, organize, analyze and disseminate significant amounts of information with attention to detail and accuracy

·         Advanced communication, critical thinking, interpersonal relationship and problem-solving skills

·         Excellent oral, written, spreadsheet and presentation communication skills.

·         Ability to meet deadlines, manage multiple projects and work independently and as part of a team

·         Exhibited a strong sense of ownership, urgency, and attention to detail

·         Demonstrated ability to thrive in a dynamic environment, tracked progress on multiple priorities simultaneously and deliver high quality work

 

Desired Skills

·         Experience on ISO 27001 Information Security Management system, Risk Assessments, Evaluation of results / findings, IT GRC Governance Risk Compliance Tools

·         In-depth understanding of Cloud, Network and System security technology and practices

·         Understanding of risks and thresholds associated with a security metrics program

·         Good MS Excel and PowerPoint reporting skills

Apply Now