Cyber Risk Analyst

Position Title Cyber Risk AnalystPosition Type Regular - Full-Time xe2x80x8bPosition Location GurgaonGrade Grade 04Requisition ID 33022McCain Foods Limited is actively seeking a dedicated and self-motivated professional to join its dynamic Global Information Security team The focus of this position is to act as an Information Security Risk expert responsible for enabling our business to make smart risk-based decisions on technology and business investments that have a successful impact on the information security posture for our world-renowned food company This Senior Information Security Analyst is a key member of the Information Security function responsible for leading and executing IT risk management and governance processes within the organization This includes performing risk assessments tracking mitigation efforts and developing risk metrics and risk reports This position is also responsible for leading security risk-related projects and enhancement programs and contributing to and monitoring compliance to McCains security policies and standards This role provides executives leaders decision-makers and staff with the security insights they need to make those smart decisions It combines program management skills with broad security domain knowledge cross-company relationship building with rigorous data management and insightful business-relevant analysis McCain Foods provides each of our Information Security team members exposure to a broad range of responsibilities activities and projects providing you an accelerated opportunity to grow and develop professionally Primary Function Manage and improve a Third-Party Risk Assessment framework and methodology Enhance a repeatable process to assess third party cyber risk Establish and maintain relationships with the business owners to identify third parties provide information regarding potential risks to the business information and content assets and support review of contracts Work with relevant business units and third parties to complete assessments identify requirements implement policies and procedures and maintain an inventory of third-party vendors Optimize and streamline operating processes for risk assessments analysis and reporting metrics Establish and maintain relationships with key partners in the security risk legal privacy finance and enterprise planning groups Support update enhance when possible and maintain information security policies and procedures Actively participate in Information Security Incident investigation as may be required Specific Skills Knowledge A broad knowledge of information security principles and industry standards Significant understanding of NIST ISO27002 COBIT and CIS Excellent written and verbal communication skills with experience presenting and explaining complex design information security concepts and IT risk-related concepts to technical and non-technical audiences Able to successfully prioritize and manage to completion multiple complex tasks and deliverables Act as security risk management ambassador to both internal and external customers Provide guidance and leadership to other risk management team members Ability to gain a comprehensive understanding of business needs and to deliver high-quality prompt and efficient service Education and Experience Demonstrated capability in leading Information Security governance risk and compliance and controls assessment gained through relevant work experience in this field University degree computer sciences and or engineering highly desirable Must have a current CISSP CISM CISA or related advanced IT security certification Functional knowledge of ISMS governance models i e ISO 27001 NIST information security roles and security controls Functional knowledge of common security certifications i e ISO 27001 SOC2 and ability to glean significance from findings identified in these reports Ability to communicate risk methodologies and concepts to the business unit and IT Strong interpersonal skills and ability to work effectively with diverse and distributed teams Strong attention to detail project management and organizational skills Strong oral and written English skills are mandatory for this position Knowledge of OneTrust platform is an asset McCain Foods is an equal opportunity employer We see value in ensuring we have a diverse antiracist inclusive merit-based and equitable workplace As a global family-owned company we are proud to reflect the diverse communities around the world in which we live and work We recognize that diversity drives our creativity resilience and success and makes our business stronger McCain is an accessible employer If you require an accommodation throughout the recruitment process including alternate formats of materials or accessible meeting rooms please let us know and we will work with you to meet your needs Your privacy is important to us By submitting personal data or information to us you agree this will be handled in accordance with theJob Family Information Technology Division Global Digital Technology Department xe2x80x8bGlobal IS Security xe2x80x8b Location s IN - India Haryana GurgaonCompany McCain Foods India P Ltd