Information Security Manager

The Information Security & Assurance (IS&A) is a global team that is responsible for ensuring all security risks pertaining to business delivery and Client engagements are managed end to end. The team engages on a frequent basis with business leaders to identify, analyze and mitigate security risks. The team is also the primary touch point between the Corporate Security Group and Business teams, while supporting the business on Client security requirements and compliance.

As a Manager in IS&A, you will be part of Corporate Security Group and facilitate security requirements for Cognizant GGM (Global Growth Markets) Business and its clients.

• Manage security and compliance risks in service delivery for key verticals
• Communicate with Business teams to understand all critical security requirements and risk scenarios
• Engage in IS&A program for the key accounts: define control framework; identify and evaluate risks; understand business context and prepare reports and recommendations
• Coordinate with Incident management team during incidents and support investigation of security breaches
• Perform annual Security Risk assessments and conduct related ongoing compliance monitoring activities in coordination with Privacy Officer and Legal Team members
• Manage External ISO 27001 audit and coordination with auditors: plan out audit schedule and charter for corporate functions and coordinate with all internal stakeholders towards preparation
• Assess, prepare and ensure all IT systems, policies and procedures fully comply with Cognizant ISO 27001 SoA, local laws and cross-borders regulations
• Engage with different stakeholders: external auditors, customer visitor, business leaders and corporate teams, such as HR, legal, IT, etc.
• Conduct reviews to assess the service delivery control environment and evaluate adherence to client identified contractual requirements, Cognizant policies and standards