Sr. It Security Risk

About Leading-Biotechnology-Company ANSR a market leader in enabling organizations to build manage and scale global teams is partnering with a renowned biotechnology company who is redefining the future of human health by providing solutions to some of the most complex problems in the healthcare industry They are committed to making precision medicine accessible and carries out their business operations in an environmentally sustainable way Now is your opportunity to join their innovative team in Bengaluru India For over 20 years now companies cutting across size industry and markets have relied on ANSR s expertise to successfully build global business and technology teams We can help you land a rewarding career in this dynamic industry If you are eager to contribute to a company with strong values a supportive environment and where you get opportunities to work on challenging projects that uses cutting-edge technology to improve millions of lives this is your chance to join a truly remarkable team Apply today About Illumina Illumina is a leading developer manufacturer and marketer of life science tools and integrated systems dedicated to making genomics useful for all Illuminas integrated Indian global hub in Bengaluru Illumina India Biotechnology Private Limited is focused on technology activities that will help usher in the next wave of innovation in healthcare and medical research If youre eager to work on challenging projects that uses cutting-edge technology to transform the future of healthcare this is your chance to join a truly remarkable team Position Summary The Sr IT Security Risk Compliance Analyst will work within the security certifications team to support and mature a strong security certifications program With an immediate goal to provide operation support in maintaining ISO 27001 C5 and SOC 2 certifications for Illuminas cloud-based analytics products The role will bring the necessary subject matter expertise in the ISO C5 and SOC 2 security certifications space and work with the program manager based in the AMR region to meet future business needs The position requires ability to operate with remote supervision with high customer satisfaction efficiency and accountability towards the success of the program This position interacts with all tiers of staff and management and must possess good project management and organizational skills Scope of Responsibilities Applies core knowledge and understanding of area of specialization to provide solutions in creative and effective ways Assesses unusual circumstances and uses sophisticated analytical and problem-solving techniques to identify cause and suggest variations in approach Works on assignments of diverse scope where information is limited and problem solving requires adaptation of existing techniques Enhances internal and external working relationships and networks with senior partners within area of expertise Adapts style to differing audiences and often advises others on difficult matters that require persuasion Work is done independently and is reviewed at critical points Uses evaluation judgment and interpretation to select best course of action Responsibilities Responsible for ensuring various process owners maintain the required ISO 27001 C5 and SOC 2 and various additional security framework requirements e g NIST PCI HIPAA Management and custodian duties related to GRC tool AuditBoard Documenting evidence that supports compliance with security requirements Coordinates data gathering logging and upkeep of periodic activities as defined within the security management process Develops and maintains periodic review of ISMS program based polices Advises project teams and internal GIS customers on ISO C5 and SOC 2 certification scope and compliance approach Assist and lead process improvement projects to enhance control strength Manage Quarterly compliance requirements for various security frameworks Operate independently to manage end to end compliance activities within projects Develops and maintains metrics to demonstrate security controls health throughout the year Assist in maintaining ISO C5 and SOC 2 security risks open action items and drive them for closure Support internal security audits conducted as part of ISO C5 and SOC 2 programs Schedule maintain and facilitate SME walkthroughs during external and internal audits Work within the GRC audit tool to maintain audit schedules control strength ratings and SME ownership assignments Facilitate and maintain ISO C5 and SOC 2 programs non-conformance actions including root-cause analysis and investigation status Listed responsibilities are an essential but not exhaustive list of the usual duties associated with the position Changes to individual responsibilities may occur due to business needs Requirements Experience with ISO 27001 and SOC 2 requirements and security regulations within other frameworks e g 21 CFR Part 820 11 ISO 13485 FDA SOX HIPAA and C5 Strong organizational skills to maintain and manage activities around ISO C5 and SOC 2 certification projects Strong experience with GRC tool configuration and maintenance e g AuditBoard Experience working within a distributed team in multiple geographical locations Strong oral and written skills to persuade direct and advise stakeholders on security compliance processes Understanding of cloud infrastructure cybersecurity threats vulnerabilities and risk management Ability to articulate security compliance requirements strategy and provide tailored approach to meet the business needs Experience and leadership in fast-paced project implementations Excellent customer service and communication skills Experience with software development lifecycle activities methodologies testing and validation Experience with common IT infrastructure and applications e g virtualization directory services storage DBMS Security certifications such as Security CEH CISA CISM or equivalent are a plus All listed requirements are deemed as essential functions to this position however business conditions may require reasonable accommodations for additional task and responsibilities Experience Education Typically requires a minimum of 5 years of related experience with a Bachelors degree or 3 years and a Masters degree or a PhD without experience or equivalent work experience