Zensar Technologies - Cyber Security Specialist - IT Risk & Compliance (4-10 yrs)

Responsibilities:

- Develop, implement, and maintain cybersecurity governance frameworks, policies, standards, and procedures.

- Ensure alignment of cybersecurity governance with industry best practices (NIST, ISO 27001, COBIT) and regulatory requirements.

- Conduct regular reviews and updates of security policies and procedures to reflect evolving threats and technologies.

- Conduct comprehensive risk assessments to identify and evaluate cybersecurity risks.

- Develop and implement risk mitigation strategies and action plans.

- Maintain a risk register and track progress on risk remediation activities.

- Perform vulnerability assessments and penetration testing coordination.

- Ensure compliance with relevant cybersecurity regulations and standards (GDPR, PCI DSS, SOC 2).

- Manage internal and external cybersecurity audits.

- Prepare and present audit reports and findings to management.

- Coordinate and track remediation efforts for audit findings.

- Develop and maintain security policies, standards, and procedures related to information security

governance.

- Communicate security policies and procedures to employees and stakeholders.

- Provide guidance and training on security policies and procedures.

- Develop and deliver cybersecurity awareness and training programs.

- Promote a culture of security awareness throughout the organization.

- Conduct phishing simulations and other security awareness activities.

- Participate in incident response activities, particularly in the areas of policy and governance.

- Assist in the development and maintenance of incident response plans.

- Assist in post incident analysis.

- Collaborate with various stakeholders, including IT, legal, compliance, and business units.

- Communicate effectively with management and other stakeholders on cybersecurity governance matters.

- Provide expert guidance on security best practices.

Required Qualifications :

- 4+ years of experience in cybersecurity, with a focus on governance, risk, and compliance.

- Strong understanding of cybersecurity governance frameworks (NIST, ISO 27001, COBIT).

- Experience in conducting risk assessments and vulnerability assessments.

- Knowledge of relevant cybersecurity regulations and standards (GDPR, PCI DSS, SOC 2).

- Experience in managing cybersecurity audits.

- Excellent communication and presentation skills.

- Strong analytical and problem-solving skills.

- Ability to work onsite in Pune.

Technical Skills :

- Compliance frameworks and standards.

- Security policy development.

- Audit management.

- Vulnerability management.

- Incident response principles.

- Knowledge of security tools and technologies.