Job offer
Lead, Cyber Sec IT RiskM
The position of Lead, Cyber Sec IT RiskM at Northern Trust in Pune, India involves conducting information security risk assessments for third party vendors and monitoring IT controls. The candidate should have experience in information security, risk management and compliance.
Job description
Tasks
- Durchführung von Informationssicherheits-Risikobewertungen für neue und bestehende Geschäftspartner von Northern Trust
- Proof of knowledge in the following areas:
- Information security governance and risk management
- Access control
- Vulnerability and penetration
- Network security
- Application security
- Cryptography
- Security architecture and design
- Operational safety
- Business continuity and contingency planning
- Law, regulations, investigations and compliance
- Physical and environmental safety
- Cloud security
- Assessment of IT control operations, identification of gaps, risks and areas for improvement
- Berichtswriting-Fähigkeiten
- Knowledge of regulations related to banking and compliance
- Familiarity with contract language, analysis and negotiation processes; review of third-party master service contracts to identify IT and security-related clauses
- Work with procurement teams to formulate/renew contracts in accordance with Information Security team guidelines
- Documentation and reporting to management of all results from risk assessment processes
- Zusammenarbeit mit internen Stakeholdern und funktionsübergreifenden Teams, um sicherzustellen, dass alle identifizierten Risiken innerhalb jedes Drittanbieters Geschäftsinhabern zugewiesen und zeitnah abgeschlossen werden
- Fähigkeit, professionell zu interagieren und Beziehungen zu Personen und Teams auf allen Ebenen bei Northern Trust aufzubauen
- Förderung eines positiven und kollaborativen Umfelds
- Fähigkeit, sowohl als individueller Beitrag als auch im Team zu arbeiten
- Quick and effective adaptation to a highly dynamic and fast-paced working environment
Requirements
- Bachelor's degree in computer science or a related field and at least ten years of experience in technology security or an equivalent combination of education and work experience
- Relevante Zertifizierung (z.B. CISSP, CRISC, CISM) ist von Vorteil
Preferred skills
- Tiefere Kenntnisse von Informationssicherheit, Risikobewertungen, Sicherheitsrisikomanagementprinzipien
- Verständnis von Technologie-Kontrollen im Zusammenhang mit Anwendungs- und Systemvulnerabilitäten
- Advanced experience with MS Office, SharePoint and reporting tools
- Ability to create visual representations of processes and risks to support executive updates
We offer
- A flexible and collaborative working culture
- An organization where financial strength and stability are assets that encourage us to explore new ideas
- Career development and further training
- Eine Arbeitsumgebung mit einem höheren Zweck
- Reasonable accommodation for people with disabilities
Job details
Training opportunities powered by skillaware.