Senior Manager-Risk Assessment

As a member of the Risk & Compliance team within HCL Technologies, you will be aligned to critical service delivery engagements and responsible for ensuring compliance with client, organizational, and regulatory security requirements. **Key Responsibilities:** - Demonstrate excellent understanding of the IT Control framework, especially in risk assessment and control selection. - Work with any two compliance programs such as PCI DSS, HIPPA, ISO 27001, SOC2, SOX, NIST, FISMA, COBIT. - Lead teams to execute periodic risk assessments and integrate remediation efforts with risk management processes. - Collaborate with service delivery leadership to manage risk to an acceptable level. - Partner with awareness and training elements to increase compliance awareness. - Measure and monitor compliance with security requirements, policies, and procedures for audit readiness. - Lead compliance and audit testing programs and support external compliance certification programs. - Lead small teams in risk management and assessment. - Provide management of junior employees. - Develop solutions to mitigate risks and enhance system security. - Coordinate with other DCO and Delivery Compliance representatives to build a robust compliance program. - Understand privacy and business continuity requirements to support respective teams. - Work effectively in virtual teams using tools and technologies. - Handle conflicting situations with strong communication and analytical skills. - Approach problem-solving systematically and pragmatically. - Demonstrate good interpersonal skills and professional behavior. - Stay updated with information security and IT developments. - Communicate risks to non-IT business owners and support functions. - Translate requirements into information security objectives and initiatives. - Preferred certifications: CISA, CISSP, CISM, CRISC, CGEIT, ISO27001, or other security-related certifications. You should possess a graduate or master's degree in IT, Risk Management, Business Management, or a related field. **Attributes of an Ideal Candidate:** - Minimum 10 years of experience in Information Risk Management/Information Security or auditing. - Direct client and leadership experience. - Experienced in at least two compliance programs. - Proficient in Management Reporting, Reviews, and Data Analytics. - Hands-on experience in Policy management, Governance, Risk modelling, Risk sensing, and Data analytics. - Strong communication skills. - Ability to manage junior employees effectively. - Demonstrates good interpersonal skills and professional behavior.,