Cybersecurity Analyst


Cybersecurity Analyst

  • Mumbai, MH, India


Cybersecurity Policy Management and Maintenance Cybersecurity Training Awareness Campaigns Cybersecurity Regulatory Policy Compliance Program Cybersecurity Risk Assessment Privacy and Data protection Initiatives Participate in understanding the enterprise objectives and translating them into annual cybersecurity data protection strategy, roadmap, and objectives. Work with the business, CISO, and cybersecurity management to understand compliance gaps, requirements, technical needs and translating them into standard process and configurations. Participate in establishing and maintaining security and privacy policies, baselines, standards, checklists, and processes. Participate in establishing a strong and effective Cybersecurity Data Protection Governance model and instituting a sound GRC platform based on a unified security compliance model. Participate in the execution of enterprise-wide cybersecurity data protection awareness programs with an objective to enhance staff awareness levels. Participate in establishing and maintaining cybersecurity data protection KPIs and metrics and risk register. Participate in maintaining overall cybersecurity data protection remediation plans and managing waivers and exceptions. Participate in cybersecurity data protection process assessment and optimization. Coordinate and prepare management reporting. Participate in Identifying and keeping track of cybersecurity data protection compliance mandates and work with governance in the creation, implementation, and maintenance of appropriate procedures to be compliant with all applicable regulations eg, supplier risk assessments. Responsible for identifying compliance gaps and recommending, implementing, and maintaining technical and procedural controls to enable regulatory compliance in the most reasonable and cost-effective manner. Liaison with other business lines and support divisions in the implementation of regulatory compliance requirements. Responsible for tracking audit findings and recommendations to ensure that appropriate mitigation actions are taken while supporting necessary compliance activities. Participate in the management of critical cybersecurity data protection compliance programs including ISO 27001, ISO21434, NIST CSF and compliance mandates from UNECE and other global mandates for cybersecurity and privacy. Responsible for supporting external and internal IT/backend IT infrastructure, audit activities for ISO 27001, ISO21434, and SOX compliance. Participate in understanding and interpreting emerging and evolving data protection and privacy standards and translating them into updates for policy and compliance programs. Skill Requirements: Ability to interface with all levels within organization and provide input to facilitate decisions. Ability to interface with all levels within organization and provide input to facilitate decisions. Analytical skills and ability to formulate, articulate, and present recommendations. Familiarity with issues relevant to cyber risk management in the mobility industry. Ability to multi-task and prioritize in fast changing environment. Ability to relate business requirements and risk to technology and process implementation for security and privacy management issues. Ability to maintain a detail-oriented approach while multitasking in a fast-paced environment. Highly organized, self-motivated, and accountable. High aptitude for learning and can quickly and effectively handle tasks that require initiative and sound judgment. Excellent English written and verbal communication skills. Strong problem-solving and technical writing skills. Understands the need for collaboration, and consistently practices effective teamwork with others. Capable of prioritizing and managing project, assignments, tasks to completion with minimal supervision. Educational Requirements: Bachelor s degree (BS) in MIS, IT, Information Security, Risk Management or related field (MBA is a plus) Professional Cybersecurity and/or Privacy Certification (CISSP, CIPP, CRISC) desirable or the ability to obtain in the first 6 months after hire. 5+ years in Information Security or Privacy/Regulatory Compliance field or Juris Doctor Degree. Strong knowledge and awareness of Corporate Governance, Risk Management methodologies. Excellent knowledge of information security, related business processes, and control objectives. Knowledge of information security and privacy standards, codes of practice and guidelines. Project management skills, including financial/budget management, scheduling and resource management, certification as PMP or related certification a plus Good understanding of generally accepted IT security and privacy audit procedures and standards Good knowledge of information security concepts, methodologies and best/leading practices.


Category : Cybersecurity Analyst
Posted : September 13, 2023
Salary : N/A

Share With