Information Risk Manager Cognizant
Teaneck, NJ

Job Description

We continuously seek exceptional associates when recruiting new employees. We pride ourselves on having extensive experience working with clients in all major markets. Cognizant's delivery model is infused with a distinct culture of high customer happiness. We consistently deliver positive relationships, cost reductions and business results. At Cognizant, we believe those who challenge the way they work today will lead the way tomorrow.

Are you ready to be a change-maker? Do you love the challenge of bringing teams together to tackle business problems? Do you dream of working with a dynamic learning community that offers the latest knowledge in Corporate Security? Do you want to see yourself working for a highly respected Fortune 200 company with an established reputation in the Corporate Security space?

The Information Risk Management (IRM) is a global team that is responsible for ensuring all security risks pertaining to business delivery and Client engagements are led end to end. The team engages on a frequent basis with business leaders to identify, analyze and mitigate security risks. The team is also the primary touch point between the Corporate Security Group and Business teams, while supporting the business on Client security requirements and compliance.

Responsibilities:

* You will be responsible for managing security and compliance risks for a key account and communicate with Business teams to understand all critical security requirements and risk scenarios.
* Define control framework; identify and evaluate risks; understand business context and prepare reports and recommendations on the current risk posture of the key account.
* Liaise with different stakeholders: external auditors, client representatives, business leaders and corporate teams, such as HR, legal, IT, etc.
* Responsible for monitoring and ensuring ongoing compliance to PCI DSS for the key account.
* Monitor the remediation of identified vulnerabilities and assessment findings in accordance to client's SLAs.
* Be responsible for the effort to execute an annual comprehensive IT risk assessment to ensure compliance to contractual and regulatory requirements.
* Conduct quarterly security awareness sessions.
* Conduct reviews to assess and monitor the service delivery control environment and evaluate alignment to client identified contractual requirements, Cognizant policies and standards.
* Supports and participates in incident response and technical investigations as needed.
* Other duties as assigned.
* Contribute to the maturation of the in IRM program: define control framework; identify and evaluate risks; understand business context and prepare reports and recommendations.
* Support business team during deal pursuit as needed:
* Communicate and discuss with customer security team an understand security requirements, Build security solutions
* Review solutions to resolve compliance with customer security requirement
* Define the control framework in accordance with the customer requirement

Requirements:

* Bachelor degree in Computer Science or relevant field.
* Strong knowledge of and experience with PCI Security requirements, SSAE 18/ ISAE 3402, SOC2 Standards, rules and regulations.
* Demonstrable experience in information security experience across various information security / information technology risk management domains such as but not limited to: network security, infrastructure security, identity and access management, vulnerability and cyber threat management, host/endpoint security, etc
* Understanding of network and system security technology and practices across all major-computing areas (Network, firewalls, client/server, PC/LAN).
* Experience leading and executing IT Risk Assessments, evaluation of results / findings, and ongoing compliance monitoring
* Experience with regulatory/compliance requirements and other regulatory laws (PCI, PII, Privacy Laws, SOX, HIPAA, etc.)
* Knowledge of Microsoft Office Suite, including Outlook, Project, Excel, Word and Visio
* Experience working with global teams across time zones, cultures and languages
* Legally eligible to work in the country in which the position is located
* CRISC, CISA, CISSP, CISM or other relevant information security industry recognized certification preferred

Personal Characteristics:

* You will have the ability to think strategically; work with a sense of urgency and pay attention to detail.
* You will communicate complex solutions and methods to a general community.
* You're an independent thinker, willing to "step creatively" and take reasonable, calculated risks.
* You will also need excellent written and verbal communication and organizational skills, fluency in English.
* You will possess tight-knit collaboration skills and willingness to be a standout colleague to solve problems and incorporate input from various sources.
* You are able to work in a high-pressure team environment.
* Our strength is built on our ability to work together. Our diverse backgrounds offer different perspectives and new ways of thinking. It supports lively discussions, encourages thought leadership, and helps us build better solutions for our clients.

We want someone who thrives in this setting and is inspired to craft meaningful solutions through true collaboration. If you're comfortable with ambiguity, excited by change, and excel through autonomy, we'd love to hear from you.