jobseeker Logo
Now Apply on the Go!
Download iimjobs Jobseeker App and get a seamless experience for your job-hunting
24/04 Vinay Nijhawan
CEO at Talent Anchor

Views:87 Applications:22 Rec. Actions:Recruiter Actions:18

Analyst - Third Party Assessment - Information Security & Risk Management Function (5-10 yrs)

Hyderabad Job Code: 818422

Role: 3PA Assessor

Service information:

The Third Party Assessment (3PA) team within Information Security and Risk Management function is responsible for assessments of third party security posture, including assessing third party security programs and ensuring protections for all aspects of security for the third party landscape. The Third Party Security and IT Compliance Assessor will conduct information security assessments of vendors providing services to Novartis .

Job Description:

- The assessor should be highly motivated and possess strong, hands-on, technical knowledge of a wide range of information security and IT process controls used for evaluating their design and effectiveness.

- The assessor should also possess strong written and verbal communication skills including ability to communicate clearly and concisely to various levels, and explain the need for key controls to technical and non-technical resources .

Technical skills include the domains of information security and IT process controls including:

- Information Security Areas and controls (Infrastructure Security, IAM / Access Management, Physical Security, Vulnerability Management, Application Security, Cloud Security etc.)

- IT Compliance, Data Privacy / GDPR Compliance and SOX Compliance

- IT Operations - Change, Incident, Patch and Problem Management etc.,

- Enterprise Risk Management

- Very good understanding of NIST, ISO 27001, CIS Benchmarks, SDLC, COBIT standards etc.,

Required Skills:

- Previous information technology/security audit/assessment experience preferred.

- Ensure the security process is governed by organizational policies and practices that are consistently applied.

- Enforce compliance with the security program in a balanced and consistent manner across the organization.

- Ability to leverage attention to detail and analytical skills,

- Ability to multi-task and work both independently as well as part of an assessment team.

- Ability to plan, execute and document assessment activities following established processes and procedures

- CISSP and/or CISA certifications are preferred with five to ten years of experience in information security area.

Location: NKC Hyderabad

Exp: 5 to 10 Years

Notice Period: Immediate or within 30 Days

Women-friendly workplace:

Maternity and Paternity Benefits

Add a note
Something suspicious? Report this job posting.