Job Description :
Inviting applications for the role of Senior Manager, Information Security - Audit & Compliance
In this role, you will help drive continuous improvement of information security related processes and meet customer security commitments. Candidate will own the process of attaining security certifications as applicable and maintain security posture as defined by Genpact & Genpact clients. Candidate will be primary point of contact for information security governance for specific initiatives and work with global teams in various functions to ensure that Info Security contract requirement, policies and client security requirements are implemented uniformly.
Works with Digital Functional teams to understand and work through Digital/AppSec Risks in technology implementations of Digital Platforms , AI/ML or RPAs etc
Ensuring alignment of regional IT and privacy requirements with that of global and ensuring relevant cybersecurity and privacy laws are factored in
Basic understanding of application security scanning tools required e.g. Fortify, Veracode, IBM Appscan source, IBM Rational AppScan,Burp Suite, CheckMarx, WebInspect etc.
Knowledge of security frameworks like OWASP Top 10, NIST, SANS etc.
Understanding of technical information security concepts
Basic understanding on Data security, AWS, Azure Sales ForceCloud security concepts
Knowledge of cybersecurity concepts (threats, vulnerabilities, risk, confidentiality, integrity, availability, cryptography, network/application security, web security, etc.)
Should have familiarity with security standards, and should have experience with ISO 27001/2, PCI DSS, SSAE16, NIST/FedRAMP, etc.
Maintain compliance to Regulatory and Industry Security standards for the organization.
Administer information security reviews in Genpact client environments
Be able to discuss, talk through and represent organizational perspective with respect to Genpact Information Security in governance and other meetings with clients.
Work with other groups in Information Security and other Technology functions in ensuring seamless integration with security and other processes
Own the process of preparation of management dashboards outlining information security compliance measurements against established baseline
Conceptualize and drive implementation of a comprehensive security framework as part of new initiatives
Monitor changes in relevant regulations and accreditation / certification standards affecting information security and make recommendations to the CISO and internal stakeholders on the need for policy changes.
Responsible for information dissemination on Information Security policy, Procedures, Best practices etc within the specific clients / lines of businesses
Reviewing the Master Service agreements, SOWs, DTA\u2019s and other contractual documents for existing & new clients. Also reviewing IT architecture/Solutions proposed for deals and identify inherent risks in the proposed IT solutions and suggest appropriate safeguards.
Identify opportunities for improvement of the complete RFX process.
Articulate contractual risks and work with senior management to mitigate the same
Professional certifications such as CISA / ISO27001 LA and similar International Certification are preferable (though not mandatory)
Must have overall experience in Information Security / IT compliance / Systems Audit/Contract Management
Must have relevant experience as per the Position Summary
Must have worked with a reputed consulting organization or IT Services Organization.
Experience in external / client facing roles
Should have been extensively involved in process reviews with respect to identifying risk and testing of controls
Sound knowledge of Risk management with an ability to talk to process owners, identify potential risks within organizational context, and work with stakeholders in recommending and implementing mitigating controls
Experienced at collating and preparing information security and compliance metrics for management consumption
Excellent verbal and written communication skills
Ability to interact with senior stakeholders as well as other functions across a global organization
Ability to interact and work with client stakeholders in communicating and understanding specific requirements. Be the primary Client Security Officer for key clients.
Ability to make an impact, influence and achieve results with effective negotiation, problem-solving and communication skills
Strong facilitation skills with an ability to respond to immediate and urgent requests while juggling conflicting priorities. Should be able to work in high pressure environment when required.
Understanding of industry and regulatory governing bodies standards such as PCI-DSS, SOX, ISO 27001:2013 etc. and other relevant Regulatory guidelines, Data Privacy Laws etc
Understanding of regulatory / industry requirements across different verticals like BFSI, Healthcare, Pharma etc
Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values diversity and inclusion, respect and integrity, customer focus, and innovation. For more information, visit
.Follow us on
Qualities Needed for This Jobs
Senior Manager \u2013 Information Security - Audit & Compliance
Get Jobs on Facebook. Like Our Facebook Page Bellow
Job Description :inviting Applications For The Role Of Senior Manager, Information Security - Audit & Compliancein This Role, You Will Help Drive Continuous Improvement Of Information Security Related Processes And Meet Customer Security Commitm
Looking for Any Graduate / Post Graduate graduates profile.