Specialist Cybersecurity

About the Job The Cybersecurity Risk Management team is part of Chief Security Office CSO and responsible for managing multiple teams that facilitate external audits internal audits analyze policy exceptions conduct risk assessments and run enforceable governance across processes They work closely with the AT T Technology Services ATS teams and Technology Risk Management TRM teams and other CSO teams to ensure the effective and efficient GRC processes Below are the key responsibilities of the Specialist - Risk Management position Develop and maintain a Risk Assessment schedule to ensure all activities supporting the annual Risk Assessment process are identified assigned and completed in a timely manner to be compliant with ISO 27001 SOC and PCI risk requirements Ensure end to end risk assessment process documentation and process flows of the Risk assessment and Risk reporting processes are created reviewed updated and maintained Ensure the Risk Assessment scope objectives and deliverables are documented and managed Schedule and facilitate the annual Risk Assessment process making sure the Risk Assessment is completed in a timely manner Create and publish the monthly Risk Management report Ensure the annual Risk Assessment presentation is created to include the timeline communication protocols and expectations to help facilitate the process Ensure the kick-off presentation is finalized 2 weeks before the annual Risk Assessment kick-off meeting is scheduled to be conducted Schedule and conduct the annual Risk Assessment kickoff meeting Respond to the external auditor s risk related inquiries clarification requests and follow-ups Ensure the confidentiality and integrity of sensitive information obtained as a result of facilitating the risk assessment process Track and manage Risk Management related action items resulting from external audit findings driving timely remediation and validating all reported items have been addressed in a timely manner Help create and support an environment of continuous improvement Educate staff on Risk Management processes requirements and compliance best practices Facilitate training for internal Data Owners to drive process improvements Create and publish monthly Vulnerability Management ISO and SOC Audit reporting Create and publish monthly ISO and SOC Audit Management reporting Assist the Audit Management team with responsibilities as needed Experience Level 5 years Location Hyderabad Bengaluru Required skills 3 years minimum experience in conducting IT audits Risk assessments information security compliance or IT security operations A minimum of 2 years experience leading ISO 27001 SOC or PCI audits preferred Strong understanding of cybersecurity frameworks and standards e g NIST ISO 27001 CIS Controls Advanced risk management project management time management Microsoft PowerPoint Excel Outlook and Word skills Desirable skills Prior experience with Telecom sector Relevant certifications such as ISO 27001 Lead Auditor Implementer CISSP CISM CRISC or CISA Additional information if any Need to be flexible to provide coverage in US morning Weekly Hours 40 Time Type Regular Location Hyderabad India It is the policy of AT T to provide equal employment opportunity EEO to all persons regardless of age color national origin citizenship status physical or mental disability race religion creed gender sex sexual orientation gender identity and or expression genetic information marital status status with regard to public assistance veteran status or any other characteristic protected by federal state or local law In addition AT T will provide reasonable accommodations for qualified individuals with disabilities AT T is a fair chance employer and does not initiate a background check until an offer is made