Specialist - IT Security GRC
Thane, MH, IN, 400604
If the chemistry is right, we can make a difference at LANXESS: speed up sports, make beverages last longer, add more color to leisure time and much more.
As a leading specialty chemicals group with more than 13,000 employees, we develop and produce chemical intermediates, additives, specialty chemicals and high-tech plastics. Be part of it!
Senior Analyst - IT Security GRC
He/She will:
1. Implement security controls and a risk assessment framework that align to requirements, ensuring documented and sustainable compliance.
2. Evaluate risks and develop security standards, procedures, and controls to manage risks.
3. Implement processes such as GRC (governance, risk and compliance) to automate and continuously monitor information security controls, exceptions, and risks. Develop reporting metrics, dashboards, and evidence artifacts.
4. Define and document business process responsibilities and ownership of the controls. Schedule regular assessments and testing of the effectiveness and efficiency of controls, and create GRC reports.
5. Review and update security controls and provide support to all stakeholders, covering internal assessments, regulations, and the protection of Personally Identifying Information (PII) data.
6. Perform and investigate internal and external information security risk and exception assessments. Assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test results, phishing, and social engineering tests and attacks.
7. Document and report control failures and gaps to stakeholders. Provide remediation guidance and prepare management reports to track remediation activities.
8. Train, guide, and act as a resource on security risk assessment functions for other departments.
Requirements
- Specific Education
  - Any graduate or master's degree
- Work Experience
  - 5 to 10 years
- Special Skills
  - Profound knowledge of governance, risk assessment, information systems auditing, monitoring, controlling and assessment processes.
  - Ability to maintain effective working relationships with service providers, project teams, and internal IT and business departments, with strong communication skills and a strong ability to deal constructively with conflicting targets beyond one's own or the team's reporting line.
  - Business-fluent English and intercultural skills to lead or interact with team members or vendor counterparts in foreign countries.
  - Knowledge of IT service delivery. Knowledge of all ITIL processes. CISA, NIST certification would be preferred.
Contract type: Regular
What we offer you
- Compensation: We offer competitive compensation packages, inclusive of a global bonus program and an individual performance bonus program.
- Comprehensive Benefits: We provide a variety of benefits to support your financial security, health and wellbeing including retirement plans, health programs, life insurance and medical care.
- Work-Life & Flexibility: We support you in maintaining a balance between working hours and personal life. With our global “Xwork” program, we offer flexible working arrangements in all countries in which we operate.
- Training & Development: We are committed to your professional and personal development and encourage you in the ongoing pursuit of education, training and knowledge through both formal and informal learning.
Diversity: For us, talent matters. We welcome everyone who commits to our values. We strongly believe that including diverse perspectives makes us more innovative and enhances our competitiveness. Therefore, we embrace the uniqueness of every single individual and are truly committed to supporting our people in developing their individual potential.
Your contact person for questions is your recruiting team:
Papia Das