Jobs Filtered by

india Cyber Risk and Compliance Analyst

  • Location
    (INDIA) and Gurgaon
  • Job Reference
    20152
  • Functional Area/Experience
    IT / 2 Years

Job Description & Qualifications

The Economist Group is the leading source of analysis on international business and world affairs. We deliver our information through a range of formats, from newspapers and magazines to conferences and electronic services.

The Information Security team operates the Information Security Program and is responsible for the standard of information security across the Group. We define and implement our security strategy and mitigation activities across our brands. We work with business units to ensure that the confidentiality, integrity and availability risks that they are exposed to are clearly understood and appropriately managed.

The Cyber Risk and Compliance Analyst is a member of the Information Security team and the job holder is responsible for establishing, implementing, monitoring, reviewing and improving a suitable set of controls to protect our information assets and ensure the business objectives of the organisation.

Responsibilities:

  • Conduct risk assessments to identify potential vulnerabilities and threats to the organisation's information systems, networks, and data.
  • Develop and implement  comprehensive GRC frameworks and risk management strategies and policies to mitigate identified risks and enhance organisational resilience.
  • Monitor and evaluate the effectiveness of risk management strategies and policies.
  • Ensure compliance with applicable regulatory and legal requirements, as well as industry standards and best practices (PCI-DSS 4.0)
  • Develop and maintain an effective vendor risk management program.
  • Conduct vendor risk assessments and evaluate vendors' compliance with applicable security requirements.
  • Work closely with third-party vendors to ensure their adherence to our organisation's security policies and standards.
  • Identify and address any security gaps or vulnerabilities in the vendor management process.
  • Ensure that all vendor contracts contain appropriate security requirements.
  • Develop and deliver training to employees on cyber security and risk management best practices.
  • Coordination of annual General IT Controls Audit and any other ad-hoc Audit.
  • Maintaining the policy library and monitoring compliance and review.

Requirements:

  • Bachelor's degree in Cyber Security, Information Technology or related field.
  • At least 2 years of experience in risk and compliance, with a focus on cyber security.
  • Strong knowledge of cyber security regulations, standards and best practices, including NIST, ISO 27001 and PCI-DSS.
  • Experience in developing and implementing effective risk management strategies and policies.
  • Experience in conducting vendor risk assessments and managing vendor relationships.
  • Experience with assisting with audits
  • Excellent analytical and problem-solving skills.
  • Excellent communication and interpersonal skills.
  • Ability to work independently and as part of a team

Accountabilities

  • Conduct risk assessments to identify potential vulnerabilities and threats to the organisation's information systems, networks, and data.
  • Develop and implement  comprehensive GRC frameworks and risk management strategies and policies to mitigate identified risks and enhance organisational resilience.
  • Monitor and evaluate the effectiveness of risk management strategies and policies.
  • Ensure compliance with applicable regulatory and legal requirements, as well as industry standards and best practices (PCI-DSS 4.0)
  • Develop and maintain an effective vendor risk management program.
  • Conduct vendor risk assessments and evaluate vendors' compliance with applicable security requirements.
  • Work closely with third-party vendors to ensure their adherence to our organisation's security policies and standards.
  • Identify and address any security gaps or vulnerabilities in the vendor management process.
  • Ensure that all vendor contracts contain appropriate security requirements.
  • Develop and deliver training to employees on cyber security and risk management best practices.
  • Coordination of annual General IT Controls Audit and any other ad-hoc Audit.
  • Maintaining the policy library and monitoring compliance and review.

Experience, skills and professional attributes

  • Bachelor's degree in Cyber Security, Information Technology or related field.
  • At least 4 years of experience in risk and compliance, with a focus on cyber security.
  • Strong knowledge of cyber security regulations, standards and best practices, including NIST, ISO 27001 and PCI-DSS.
  • Experience in developing and implementing effective risk management strategies and policies.
  • Experience in conducting vendor risk assessments and managing vendor relationships.
  • Experience with assisting with audits
  • Excellent analytical and problem-solving skills.
  • Excellent communication and interpersonal skills.
  • Ability to work independently and as part of a team

The Economist Group values diversity. We are committed to equal opportunities and creating an inclusive environment for all our employees. We welcome applicants regardless of ethnic origin, national origin, gender, gender identity, race, colour, religious beliefs, disability, sexual orientation , age or marital status.



X

Please confirm If you want to unregister

Yes No

X

You have been unregistered from gradlink