Ensure strategic alignment with existing standards and direction for the architecture, installation, and maintenance of all security components as they relate to the establishment and maintenance of compliance programs.
Demonstrates extensive ability, and/or proven record of success, in IT security management frameworks, especially ISO 27001 and 27002 (17799), and their application in the support and integration of key business and strategic priorities, preferably for a global network or professional services firms, including in the following areas:
Managing strategic and tactical security policy and standards libraries based on those frameworks;
Developing and managing structured risk identification, assessment, and treatment programs for large organizations;
Translating technical IT security concepts into business terms;
Working comfortably with all levels of leadership;
Communicating and promoting the use of Network security policies and standards;
Comprehending the value of Network policies and standards, as well as business requirements, and the ability to recognize potential conflicts and arrive at successful outcomes collaboratively;
Managing key ISMS components: information asset inventory, risk assessment, security policy and standards development, internal assessment, and report to management;
Understanding existing and upcoming legislative and regulatory requirements by working closely with enterprise risk management and security organizations, as well as ensuring that they are incorporated in the ISMS;
Addressing risk utilizing standardized and consistent methodology;
Alignment with client mandates / inquiries regarding security posture, including requests to audit, site visits, and independent audits; and,
Communicating, tracking and reporting on revisions to security controls in standards, policies and procedures
Provide leadership during security incidents and response. This may include customer engagement and communications.
Establishment and enforcement of relevant regulatory structures and programs, compliant controls and infrastructure
Responsible for ensuring present and future resource planning needs are met including staffing, software and hardware, and 3rd party contracts
Responsibility for setting direction for security governance - Assess, develop, and implement security policies, procedures and standards that describe pragmatic, risk-based mechanisms to maintain the confidentiality, integrity and availability of information systems and the data processed therein, in accordance with Cognizant Corporate policies and procedures.
Develop and execute standards for design and operational procedures
Work with the Chief Security Officer (CSO), Chief Trust Officer (CTrO), and affiliated Center of Excellence (COE) leaders to ensure Cyber Security practices align with vertical practices, business objectives and evolving threat landscape challenges
Ensure Security / Business strategy alignment by emphasizing a partnership model promoting unified risk visibility.
Cognizant Technology Solutions