This job is no longer available. Continue your job search here.
Security Delivery Senior Analyst
Bengaluru
Job No. r00244184
Full-time
Job Description
Location: Bengaluru, Chennai, Delhi\NCR, Hyderabad, Mumbai, Pune
Entity: ATCI – Local Security Support
Skill Keywords: CISA, Security+, Risk Management, Cybersecurity, Governance Risks & Compliance, ISMS, SSAE18 SOC1& SOC2, ISO27001, Internal Audit, Information Security Audit
Scope:
Information security for the Advanced Technology Centers India (ATCi)
Job Responsibilities:
Project information security (IS) assessments are our bread and butter. As an IS professional, your first step into the big bad world of risk assessments will involve conducting IS assessments for projects across India centers. You will check if the project meets the Accenture standard and client’s security requirements.
The risks that you identify are super important to keep Accenture and our client’s data safe, it will ensure that Accenture is compliant with what was agreed in the client contracts.
We are super proud of the fact that Accenture is the biggest company of its size that is globally ISO27001 certified (the Academy awards equivalent for IS standards) and our team is responsible for maintaining this hallowed certificate. 3rd party auditors descend on us every year to make sure that we are still worthy of the certificate, so we’ve got to be on our toes always and keep everything shipshape. As part of this you will be carrying out a bunch of activities such as
Making sure (via assessments) that the nice folks at support functions such as Workplace, HR, IT, Finance, Legal, Procurement etc. are compliant with ISO27001 security requirements.
Risk assessments to report any risks that can mess up Accenture business goals and then monitoring these risks to make sure that they’re fixed.
Think out-of-the-box box and innovate to get all of our Accenture folk in India as IS literate as possible. In the past we’ve done super fun stuff such as plays, live sessions, infosec gyan during new joiner orientation sessions, etc – the sky is the limit!
We also need to stay compliant to certain other regulatory requirements and those have their scheduled assessments and activities too. Remember point 1? where we spoke about checking if the project teams are doing the right stuff? Well, quite often our clients decide to pay a visit to audit if everything is in order here or decide if they want to give us more business. This is the high adrenalin stuff where our team represents Accenture information security and supports the project folks face the client auditors.
Must Have Skills: Risk Management, Governance Risks & Compliance
1. You need to have a genuine interest in the information security domain and have the spunk and drive to make a positive difference in the organization – on ground.
2. We work as a team and therefore you need to be collaborative well and a good team player. No room here for a lone wolf. Keep in mind that our role involves interfacing with multiple business stakeholders therefore you need to be able to speak to new people all the time.
3. Goes without saying that good communication skills both written and spoken are quintessential for doing well at this job.
4. Information security is one of the fastest changing domains, so you should have the ability to learn, adapt and evolve quickly to stay relevant in this field and the learning never really ends.
5. We expect you to have at least a working hands-on knowledge of MS office suite tools like Word/Excel/Power-point – rest of the tools you learn on-the-job. If you have a background in project management or technical IT skills such as networking, telecom, security tools etc. you will be at an advantage.
6. Though currently we are working remotely, flexibility to travel both within your designated city as well as inter-city is important for you to be able to conduct assessments and other IS activities on ground.
7. Last but not the least, a curious bent of mind and hunger / passion to learn is a great attribute we need from our IS soldiers. As they say, half knowledge is always dangerous, so we always welcome folks who don’t stop learning.
8. Ability to educate a non-technical audience about various security measures
9. Attention to detail and time prioritization
Qualifications
Good to Have Skills
Professional information security certification/s
ISO27001, Security+, CISA etc. and knowledge of SSAE18
Experience in auditing ISO27001 and the SSAE18 SOC1& SOC2 controls Be up to date on the latest security trends
Please be informed that at any given point in time, you can only have one "Active" application.
Please be informed that at any given point in time, you can only have one "Active" application.