Cyber Risk Assessment/GRC- Lead Consultant
2 weeks ago
We have an opportunity for someone having experience in performing Security Risk Assessments to join the Information Security department as a Cyber Risk Security Assessor in the Allstate Technology & Strategic Ventures (ATSV).
The Cyber Risk Assessor will be responsible for supporting the company's efforts to identify, assess and evaluate security risks through business-as-usual cyclical assessments and ad hoc consultations.
This individual will be a key contributor managing operational activities to reduce risks to business goals in close consultation with other Information Security, ATSV and business partners.
The analyst needs to understand information security best practices, risk assessment methodologies, and working across multi-functional teams.Job Responsibilities
Conducts risk assessment at the network, systems, platforms and application level.
Involved in addressing and providing guidance on wide range of security issues including architectures, platforms including Public Cloud, electronic data traffic, and network access.
Driving the company's efforts to proactively identify, assess, and communicate the company's information security risks to leadership and board.Ensure compliance with security policies and standards.
Deep understanding of Cyber programs such as Threat Management, Secure SDLC, Security Architecture, Network and Data Protection.
Work in close partnership with internal information security and business representatives to scope assessments, gather documentation, interview clients, identify risks, document findings, and ensure transparent management of risks by following a structured risk assessment methodologyWorks independently to lead and complete high quality threat-based risk assessments across a diverse set of technologies, business functions, and platforms.
This position will also proactively drive process improvements, overcome barriers to success, build professional relationships across the company, brief senior leaders, and mentor others.
Primary Skills
The successful candidate will be required to collaborate across security/IT teams and business partners to assess and report risk ratings of assets/technologies/platforms/cloud which have impact on enterprise and identify process improvement areas.
A broad range of professional skills, along with strong interpersonal skills, will be required for problem-solving and collaboration with virtual cross-functional work groups.
This resource is expected to serve as a subject matter expert and trusted advisorthat can clearly articulate Allstate security policies, standards and risks to assets to both technical and business audiences alike.
ExperienceExperience with information security risk management framework, assessment, audit and controls based on industry standard frameworks (i.e. NIST CSF; ISO; HiTrust, FAIR)Experience with regulatory requirements (i.e.
PCI; GDPR; HIPPA; CCPA; etc.)Experience using/knowhow of various tools and technologies in support of the assessment/audit process (RSA Archer, Qualys, Bitsight, etc.)Experience gathering information from a range of different sources to help identify weaknesses in security controlsExpert with security control design, development, implementation, and monitoringMinimum of 6-8 years of IT experience in either an infrastructure or development background with proficiency in Cyber Risk Assessments.
Shift Timing1PM - 9:30 PM
-
Cyber Risk Assessment/GRC- Lead Consultant
2 weeks ago
Pune, Maharashtra, India Allstate Benefits Full timeJob Description We have an opportunity for someone having experience in performing Security Risk Assessments to join the Information Security department as a Cyber Risk Security Assessor in the Allstate Technology & Strategic Ventures (ATSV). The Cyber Risk Assessor will be responsible for supporting the company's efforts to identify, assess and evaluate...
-
Lead, Cyber Sec IT RiskM
2 weeks ago
Pune, Maharashtra, India Northern Trust Corporation Full timeDescription Northern Trust Technology Risk & Control function is responsible for enabling Global Information Technology to build a strong 1st Line of Defense, foster a control aware culture, deliver compliant and secure technology capabilities, protect customers and meet regulatory requirements. The Principal cybersecurity risk and control officer is...
-
Principal- IT Risk
2 weeks ago
Pune, Maharashtra, India Northern Trust Full timeNorthern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service,...
-
Principal, Cyber Sec IT Riskm
2 weeks ago
Pune, Maharashtra, India Northern Trust Corp. Full timeAbout Northern Trust:Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring...
-
GRC Fusion
2 weeks ago
Pune, Maharashtra, India Stratacent Full timeAs a GRC Fusion Business Analyst, you will be responsible for leading the analysis, design, and implementation of Governance, Risk, and Compliance (GRC) solutions using Oracle GRC Fusion applications. You will collaborate closely with stakeholders across various departments to understand their business needs and translate them into functional requirements...
-
SAP GRC Implementation Consultant
2 weeks ago
Pune, Maharashtra, India Teqfocus Full timeTitle: SAP GRC Implementation ConsultantExperience: 12+ years Location : Pune/Gurugram/Chennai/Hyderabad/Mumbai/Bangalore (WFO : 3 days/week)Requirements : Responsible for design, Control, and Audit of all the IT Controls.Experience in implementation of GRC Access ControlReview and creation of SOD rule book for connected target applicationsConfiguration of...
-
Sap Grc Implementation Consultant
2 weeks ago
Pune, Maharashtra, India Teqfocus Full timeTitle: SAP GRC Implementation ConsultantExperience: 12+ yearsLocation : Pune/Gurugram/Chennai/Hyderabad/Mumbai/Bangalore (WFO :3 days/week)Requirements :Responsible for design, Control, and Audit of all the IT Controls.Experience in implementation of GRC Access ControlReview and creation of SOD rule book for connected target applicationsConfiguration of GRC...
-
Information Security Manager
2 weeks ago
Pune, Maharashtra, India Sidel Full timeInformation Security ManagerContract TypePermanentCountryINDIALocationPuneYour opportunityPerforming activities related to information governance, risk, and compliance, ranging from managing cyber risks for the Group (including business processes, IT processes, and OT processes), assessing the security of new and existing solutions, defining and maintaining...
-
Information Security Manager
2 weeks ago
Pune, Maharashtra, India Sidel Full timeInformation Security Manager Contract Type Permanent Country INDIA Location Pune Your opportunity Performing activities related to information governance, risk, and compliance, ranging from managing cyber risks for the Group (including business processes, IT processes, and OT processes), assessing the security of new and...
-
Grcs- Pune
2 weeks ago
Pune, Maharashtra, India KPMG India Full timeROLE & RESPONSIBILITIES Seniors are project team members who will be involved in conducting process consulting/ internal audit/ risk consulting and execution of other solutions of GRCS Seniors may play the role of team leader on some engagements with 13 team members reporting to them for the project. In such cases seniors shall have responsibility of...
-
Associate Lead Consultant
2 weeks ago
Pune, Maharashtra, India YASH Technologies Full timeYASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation. At YASH, we're a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single...
-
Associate Lead Consultant
2 weeks ago
Pune, Maharashtra, India YASH Technologies Full timeYASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation.At YASH, we're a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single...
-
Oracle EBS/GRC Technical Consultant
2 weeks ago
Pune, Maharashtra, India Witlance Solution Full timeJob Overview :We're on the lookout for someone who knows their way around Oracle E-Business Suite (EBS) and Governance, Risk, and Compliance (GRC) tools. As an Oracle EBS and GRC Technical Specialist, your job is to make sure our systems are running smoothly, fix any technical issues that come up, and help us use our technology to manage risk and stay...
-
Cyber Manager
2 weeks ago
Pune, Maharashtra, India Maersk Full timeAre you passionate about risk management and cyber security? At Maersk risk is at the heart of our approach to cyber security. We are responsible for ensuring that the Cyber Security risk to Maersk is understood and mitigated effectively, enabling Maersk to deliver on its business outcomes safely and securely. Our Cyber Security Risk Managers work in...
-
ServiceNow Solution Architect
2 weeks ago
Pune, Maharashtra, India Roche Full timeRoche fosters diversity, equity and inclusion, representing the communities we serve. When dealing with healthcare on a global scale, diversity is an essential ingredient to success. We believe that inclusion is key to understanding people's varied healthcare needs. Together, we embrace individuality and share a passion for exceptional care. Join Roche,...
-
Pune, Maharashtra, India THE BANK OF NEW YORK MELLON CORPORATION Full timeCyber Security Third Party Governance Technical Analyst BNYM is seeking an initiative-taking professional to join its Cyber Security Third Party Governance (CTPG) team. The successful candidate will work in a technically diverse and dynamic environment with a team of Cyber Security professionals responsible for the assessment, analysis and governance of...
-
Cyber Issue Engineer
2 weeks ago
Pune, Maharashtra, India Maersk Full timeJoining Maersk will embark you on a transformational journey with great opportunities for career development within a global organisation. Risk is at the heart of our approach to cyber security in Maersk. We are responsible for ensuring that the Cyber Security risk to Maersk is understood and mitigated effectively, enabling Maersk to deliver on its business...
-
Cyber Issue Engineer
2 weeks ago
Pune, Maharashtra, India Maersk Full timeJoining Maersk will embark you on a transformational journey with great opportunities for career development within a global organisation. Risk is at the heart of our approach to cyber security in Maersk. We are responsible for ensuring that the Cyber Security risk to Maersk is understood and mitigated effectively, enabling Maersk to deliver on its business...
-
Pune, Maharashtra, India THE BANK OF NEW YORK MELLON CORPORATION Full timeCyber Security Third Party Governance Technical AnalystBNYM is seeking an initiative-taking professional to join its Cyber Security Third Party Governance (CTPG) team. The successful candidate will work in a technically diverse and dynamic environment with a team of Cyber Security professionals responsible for the assessment, analysis and governance of cyber...
-
Senior Advisor, GRC
2 weeks ago
Pune, Maharashtra, India Maersk Full timeProvides support in designing the internal control framework for simpleand/or more mature processes. Supports in the mapping, assessment and challenge of the simple and/or more mature processes. Key Responsibilities Conduct the control review as per the guidelines of APMT GRC. Conduct the closing meeting with entity senior management to clearly explain...
