Senior Manager-Risk Assessment

As a member of the Risk & Compliance team at HCL Technologies, you will be aligned to critical service delivery engagements and responsible for ensuring compliance with client, organizational, and regulatory security requirements. Key Responsibilities: - Demonstrate excellent understanding of the IT Control framework, especially in risk assessment and control selection. - Work with compliance programs such as PCI DSS, HIPPA, ISO 27001, SOC2, SOX, NIST, FISMA, and COBIT. - Lead teams to execute periodic risk assessments and integrate remediation efforts with the risk management process. - Partner with service delivery leadership to manage risk in delivery effectively. - Develop and rollout programs to increase compliance awareness. - Measure and monitor compliance with security requirements, company policies, and procedures. - Lead compliance and audit testing programs for external certifications. - Lead small teams in risk management and assessment. - Provide guidance on solutions to mitigate risks and enhance system security. - Coordinate with other DCO and Delivery Compliance representatives to build compliance program components. - Support R&C Privacy and BCM teams in executing their respective programs. - Work in virtual teams using tools and technologies. - Handle conflicting situations with strong communication and analytical skills. - Demonstrate a systematic approach to problem-solving. - Exhibit good interpersonal skills and professional behavior. - Stay updated with information security and IT developments. - Communicate risks to non-IT stakeholders and support functions. - Translate business, industry, and regulatory requirements into information security objectives. - Preferred certifications include CISA, CISSP, CISM, CRISC, CGEIT, ISO27001, or other security-related certifications. Education Qualification: - Graduate or master's degree in IT, Risk Management, Business Management, or a related field. Certifications Required: - CISA, CISSP, CISM, CRISC, CGEIT, ISO27001, or other security-related certifications are preferred. Attributes of Ideal Candidate: - Minimum 10 years of experience in Information Risk Management/Information Security or auditing with direct client and leadership experience. - Experience in compliance programs such as PCI DSS, HIPPA, ISO 27001, SOC2, SOX, NIST, FISMA, COBIT. - Proficient in Management Reporting, Reviews, and Data Analytics. - Hands-on experience in Policy management, Governance, Risk modeling, Risk sensing, and Data analytics. - Strong communication skills. - Ability to manage junior employees effectively. - Good interpersonal skills and professional behavior in dealings with stakeholders. (Note: No additional details about the company were provided in the job description.),