09 - Senior Specialist, IT Risk and Compliance

3 weeks ago


India Celestica Electronics (S) Pte Ltd Full time
Job Description

Summary

We are seeking a highly motivated and experienced Senior Analyst to join our Third Party IT Risk Management team. This role is responsible for identifying, assessing, and mitigating information technology risks associated with our third-party relationships. The ideal candidate will possess a strong understanding of IT risk management frameworks, cybersecurity principles, and relevant regulatory requirements. You will play a crucial role in protecting our organization's data and systems by ensuring our vendors and partners adhere to our security standards.

Detailed Description

Performs tasks such as, but not limited to, the following:

- - Vendor Risk Assessment: Conduct comprehensive IT risk assessments of new and existing third-party vendors. This includes evaluating their security policies, procedures, and controls against industry best practices and our internal security requirements.

- Due Diligence: Perform initial and ongoing due diligence on third-party vendors to ensure their security posture remains strong throughout the vendor lifecycle.

- Contract Review: Collaborate with legal and procurement teams to review and negotiate IT security-related clauses in third-party contracts and agreements.

- Continuous Monitoring: Implement and manage a continuous monitoring program to track the security performance of critical vendors. This includes analyzing security ratings, vulnerability reports, and incident notifications.

- Incident Response: Act as a key point of contact for any security incidents involving third-party vendors. This includes coordinating response efforts and ensuring timely resolution.

- Reporting: Develop and maintain risk dashboards and reports for senior management, providing a clear view of the third-party risk landscape.

- Policy and Procedure Development:Contribute to the development and enhancement of our third-party IT risk management policies, standards, and procedures

Knowledge/Skills/Competencies

- - Education: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field.

- Experience: 10-15 years of experience in IT risk management, cybersecurity, or a related field, with a specific focus on third-party risk management.

- Framework Knowledge: In-depth knowledge of IT risk management frameworks such as NIST (800-53, CSF), ISO 27001, and COBIT.

- Regulatory Familiarity: Understanding of relevant data privacy and protection regulations (e.g., GDPR, CCPA).

- Technical Skills:

- Proficiency with third-party risk management tools and platforms.

- Strong understanding of network security, cloud security, application security, and data protection principles.

- Experience with security assessment methodologies and tools.

- Soft Skills:

- Excellent analytical and problem-solving skills.

- Strong written and verbal communication skills, with the ability to effectively communicate technical concepts to both technical and non-technical audiences.

- Proven ability to manage multiple projects and priorities in a fast-paced environment.

- Strong interpersonal skills with the ability to build and maintain effective working relationships with internal and external stakeholders.

Physical Demands

- Duties of this position are performed in a normal office environment.
- Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required.

Typical Experience

- - Certifications: Professional certifications such as CRISC, CISM, CISA, or CISSP are highly desirable.

- Industry Experience: Experience working in a manufacturing, and regulated industry (e.g., finance, healthcare) is a plus.

Typical Education

Education: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field.

Experience: 10-15 years of experience in IT risk management, cybersecurity, or a related field, with a specific focus on third-party risk management.

Notes

This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.
  • [High Salary] 09

    1 week ago


    India Celestica Electronics (S) Pte Ltd Full time

    Job Description Summary We are seeking a highly motivated and experienced Senior Analyst to join our Third Party IT Risk Management team. This role is responsible for identifying, assessing, and mitigating information technology risks associated with our third-party relationships. The ideal candidate will possess a strong understanding of IT risk...


  • Hyderabad, India Celanese Full time

    Job Description Job Overview Celanese seeks a Senior Specialist, Global Trade Compliance to launch our trade compliance strategy with unmatched expertise and digital sophistication. The Specialist will master free trade agreements, origin management, tariff classification, and customs valuation while driving advanced analytics through SAP, Excel, and...


  • India CES Full time

    we’re currently looking for an Senior Compliance Analyst/ Team Lead/AM/Manager and I think you could be a good fit. We are looking for 5+ years of experience in Compliance - Code of Ethics, I’d like to tell you a little more about this position and learn a few things about you as well. Are you available for a quick call? If so, I’d be happy to set up a...

  • 3 Days Left! 09

    2 days ago


    India Celestica Full time

    Job Description Req ID: 127900 Remote Position: Hybrid Region: Asia Country: India State/Province: Chennai City: Guindy, Chennai Summary We are seeking a highly motivated and experienced Senior Analyst to join our Third Party IT Risk Management team. This role is responsible for identifying, assessing, and mitigating information technology risks...


  • India Amazon Music Full time

    Job Description DESCRIPTION Come build the future with us! At Amazon we expect no more and no less from you. Ever since Amazon opened its virtual doors, our aim has been to become the most customer-centric company in the world. How By having people like you who make sure that our customers can find everything that they are looking for online - at great...


  • India CES Full time

    we’re currently looking for an Senior Compliance Analyst/ Team Lead/AM/Manager and I think you could be a good fit. We are looking for 5+ years of experience in Compliance - Code of Ethics, I’d like to tell you a little more about this position and learn a few things about you as well. Are you available for a quick call? If so, I’d be happy to set up a...


  • India Amazon Music Full time

    Job DescriptionDESCRIPTIONCome build the future with usAt Amazon we expect no more and no less from you. Ever since Amazon opened its virtual doors, our aim has been to become the most customer-centric company in the world. How By having people like you who make sure that our customers can find everything that they are looking for online - at great value and...


  • India CES Full time

    we’re currently looking for an Senior Compliance Analyst/ Team Lead/AM/Manager and I think you could be a good fit. We are looking for 5+ years of experience in Compliance - Code of Ethics, I’d like to tell you a little more about this position and learn a few things about you as well. Are you available for a quick call? If so, I’d be happy to set up a...


  • Pune, India Deutsche Bank Full time

    Job Description AFC & Compliance - Third Party Risk Management Specialist, Associate Position Overview Job Title: AFC & Compliance - Third Party Risk Management Specialist, Associate Location: Pune, India Role Description - As part of DWS AFC & Compliance function, the global Anti-Fraud, Bribery & Corruption (AFBC) team is inter alia responsible for...


  • India Securitas Group Full time

    Job title: Lead Regional Compliance Specialist - APAC Location : India – open to Chennai/Hyderabad/Pune About our team We are a dynamic, dedicated team that provides management and support for a global guarding services account that spans across 30+ countries. Our client is an industry-leading datacenter organization, and we pride ourselves in...