Job
Description
Overview: Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Reporting to the Vendor Risk Lead, Vendor Risk Specialists will support risk initiatives relating to policies, standards, and guidelines, risk management (internal and 3rd party), certifications, audits, external reviews of IT controls, and ensure that the appropriate audit artifacts are available for the compliance teams and security related audits. The role supports risk profiles with business objectives. This role also supports efforts to continually evaluate risk, keep abreast of regulatory and contractual requirements, and implement solutions to keep risk levels within levels acceptable to the business. Enforce and communicate processes and procedures to deal with potential threats. In addition, they will work with the manager of Risk to perform and maintain risk analyses of agencies, Practice Areas/Networks, client relationships, and vendors. The Manager, Regulatory and Compliance will collaborate with the other security teams to ensure information risks are identified, assessed, mitigated and / or remediated accordingly, to enhance the risk posture across the global Omnicom footprint. The position may be in any appropriate Omnicom office. Responsibilities: Partner with a qualified global team of cyber security risk management professionals to protect company assets and support security risk initiatives. Work cooperatively with the Risk and other leads to validate appropriateness of procedures and controls (to ensure compliance with regulatory, contractual, and legal requirements). Work collaboratively with Internal Audit, Legal, and business units to track risk reduction over time. Develop and maintain expertise in regulatory trends, client contractual trends, and risk management strategies. Provide monthly, quarterly, bi-annual, and annual metrics to track, validate, and provide continuous improvement to the compliance and risk management programs. Support the development of and enhance a governance framework aligned with ISO27001 to ensure compliance with stated metrics and documented controls. Maintain a risk register aligned with Omnicom’s Risk Management Framework as it pertains to regulatory and compliance risks. Measure compliance with policy and standards as part of assessing the overall security risk posture of the enterprise and develop remediation plans as needed. Qualifications: Bachelor's degree required, preferably in computer science, information systems, engineering, business administration, or related field 5 years of experience required. In-depth understanding of common regulatory frameworks (SOX, HIPAA, PCI, GDPR) Practical knowledge of risk assessment and management approaches and delivery Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT and NIST Past Media and Entertainment industry experience Skills/Abilities Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. Excellent problem solving and analytical skills, individual must be a team player, strategic and analytical thinker, able to think “big picture”, as well as focus on trends and data coupled with industry themes, and able to multi-task on projects. Ability to build-out risk & compliance strategy aligned with business objectives that will continually improve and enhance cybersecurity within the organization. Demonstrate the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives. Possess a strong technology background with the ability to challenge or validate technology decisions from a position of knowledge and experience. Possess the ability to rapidly assimilate business strategies, coupled with the insight to seize high impact opportunities by applying creative problem-solving solutions. Track record of managing across multiple global locations, with a solid understanding of the challenges and benefits Ability to lead and motivate cross-functional, interdisciplinary teams to build-out new capabilities and achieve tactical and strategic goals.
