Senior Manager-Risk Assessment

Position Summary - The position is a member of Risk & Compliance team within HCL Technologies. The DCO will be aligned to critical service delivery engagements and will be responsible for ensuring compliance in accordance to client, organizational & regulatory security requirements.Key Responsibilities - Perform the following functions:- Required to have excellent understanding of the IT Control framework, in particular risk assessment and control selection- Working experience in any two of the compliance programs (PCI DSS,HIPPA,ISO 27001,SOC2, SOX,NIST,FISMA,COBIT)- Lead teams and efforts to ensure effective execution of periodic risk assessments and drive integration of remediation efforts with the risk management process- Partner with service delivery leadership to both communicate and manage risk in delivery to an acceptable level- Partner with awareness and training elements to develop and ensure rollout of programs to increase the level of awareness of compliance with policy and process- Lead and perform activities to help measure and monitor compliance with contractual security requirements, company policies and procedures to ensure the account is compliant and audit ready- Lead different compliance & audit testing programs and support successful completion of various external compliance certification programs and internal compliance assessments- Proven ability to lead small teams dedicated to the performance of risk management and assessment responsibilities.- Ability to provide effective management of junior employees.- Develops and provides appropriate guidance on solutions to mitigate risks and enhance system security- Coordinates with other DCO and Delivery Compliance representatives to build out world class compliance program components to include processes, procedures, and technologies.- Deep understanding of privacy and business continuity requirements and support R&C Privacy and BCM teams in execution of their respective program- Demonstrates ability to work in virtual team with help of tools and technologies- Demonstrates ability to handle conflicting situation & should have strong verbal, written communication & analytical skills- Must have systematic and pragmatic approach to problem solving- Demonstrates good inter-personal skills, high standards of professional behaviour in dealings with business customers, colleagues and staff- Have a good technical awareness and the aptitude to remain up to date with information security and IT developments- Ability to communicate Risk to non IT business owners and support function such as delivery, HR, Admin, Legal, Contracting and others- Ability to communicate risk at all levels of management up to and including C-Level executives.- Translate business, industry, and regulatory requirements into information security objectives and associated tactical/strategic information security initiatives- Certification such as CISA/CISSP/CISM /CRISC/ CGEIT/ISO27001 or any other security related certifications are preferred.Education Qualification - Graduate or master's degree in IT, Risk Management, Business Management, or a related field.Certifications Required - Certification such as CISA/CISSP/CISM /CRISC/ CGEIT/ISO27001 or any other security related certifications are preferred.Attributes of Ideal Candidate –- At least 10 years’ experience in Information Risk Management/Information Security or auditing.Direct client and leadership experience- Preferably, experienced in any two of the compliance programs (PCI DSS,HIPPA,ISO 27001,SOC2, SOX,NIST,FISMA,COBIT)- Excellent with Management Reporting, Reviews, Data Analytics- Hands-on experience in Policy management and Governance, Risk modelling, Risk sensing and Data analytics.- Strong communication skills- Ability to provide effective management of junior employees- Demonstrates good inter-personal skills, high standards of professional behaviour in dealings with business customers, colleagues, and staff