Senior Business Information Security Manager Senior Business Information Security Manager …

in Oslo, Norway
Permanent, Full time
Last application, 15 Nov 21
in Oslo, Norway
Permanent, Full time
Last application, 15 Nov 21
Senior Business Information Security Manager
Permanent Employment - Oslo, Norway

The scope of this position focuses on the Cybersecurity Oversight and Governance for Cognizant. The Sr. Manager will provide operational support as an individual contributor within the Corporate Security organization. Additional activities include supporting strategic and technical initiatives, performing Operational Risk Assessments, managing Risk Acceptance activities, developing annual risk posture and remediation recommendation report, and completion verification reviews of security projects and initiatives. Candidates will have a proven ability to infuse innovation and creativity into tactical activity with a focus on exceptional customer service.

About Cognizant
Cognizant (Nasdaq-100:CTSH) is one of the world's leading professional services companies, transforming clients' business, operating and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant is ranked 194 on the Fortune 500 and is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at or follow us @Cognizant.

About the Team / Business Unit
The Business Information Security (BIS) is a global team that is responsible for ensuring all security risks pertaining to business delivery and Client engagements are managed end to end. The team engages on a frequent basis with business leaders to identify, analyze and mitigate security risks. The team is also the primary touch point between the Corporate Security Group and Business teams, while supporting the business on Client security requirements and compliance.
As a Senior Manager in BIS, you will be part of highly skilled team and an environment encouraging professional and personal development. You will guide Business teams on information security, including compliance with contractual obligations and internal requirements. Through contract reviews, risk assessments, security governance, ISMS implementations, and control validations with Delivery and corporate functions (HR, IT, Legal, Privacy, etc.), you will assess and improve the information security of several accounts within Cognizant's GGM (Global Growth Markets) Business. You will play a key role in the Nordics and have visibility in the organization and among our client's CISOs.

Your Profile:

  • Strong experience in business development and account management
  • At least 8-10 years of Experience in Security & Compliance domain
  • Exposure, Knowledge & working experience on various Regulatory & Compliance standards/frameworks such as GDPR, PCI DSS etc.,
  • Experience on managing Security Compliance program
  • Knowledge on GDPR and EU Data Protection directive
  • Already have or in process to obtain Security Certifications e.g. CISA, CISSP, CISM, etc.
  • Experience on ISO 27001 Information Security Management system, Risk Assessments, Evaluation of results / findings, IT GRC Governance Risk Compliance Tools
  • Participation in information security and risk management field, especially with Technology Risk Management / IT Audit in Enterprise organizations
  • Knowledge in understanding and deploying risk management and security frameworks such as NIST, ISF and ISO
  • Knowledge of SSAE/ISAE3402, SOC 1 and SOC 2 and PCI-DSS, assessment and control implementation
  • Basic Understanding of network and system security technology and practices across all major-computing areas with a special emphasis on Internet related technology
Your Key Result Areas:

  • Manage security and compliance risks in service delivery for Nordics Customer
  • Communicate with Business teams to understand all critical security requirements and risk scenarios
  • Engage in BIS program for the key accounts in the region
  • Define comprehensive control framework meeting Nordics Regulatory requirements & contractual obligations
  • Educate Business teams on Security & Compliance requirements
  • Drive the Security Program for various accounts and enable Business to achieve the compliance
  • Establish ISMS in line with the standards such as ISO 27001
  • Identify and evaluate risks
  • Understand business context and prepare Risk reports and recommendations
  • Interface with Customer (s) to respond any queries, demonstrate the compliance, understand the issues etc.,
  • Coordinate with Incident management team during incidents and support investigation of security breaches
  • Perform annual Security Risk assessments and conduct related ongoing compliance monitoring activities
  • Engage with different stakeholders: external auditors, customer visitor, business leaders and corporate teams, such as HR, legal, IT, etc.
  • Conduct reviews to assess the service delivery control environment and evaluate adherence to client identified contractual requirements, Cognizant policies and standards
  • Perform Security Awareness Sessions for various stakeholders within Business
Personal Characteristics:

  • Ability to think strategically; work with a sense of urgency and pay attention to detail
  • Ability to present complex solutions and methods to a general community
  • Independent thinking, willingness to "step outside the box" and take reasonable, calculated risks
  • Excellent written and verbal communication and organizational skills in English and Norwegian
  • Strong collaboration skills and willingness to be a team player to solve problems and incorporate input from various sources
  • Willing to travel (10%)
If you're comfortable with ambiguity, excited by change, and excel through autonomy, we'd love to hear from you!
Cognizant logo
More Jobs Like This
See more jobs