Cyber Security Process Analyst/Manager
The individual will contribute to the functional management and documentation of corrective actions and lessons learned findings for cyber security incidents, including Red Team and Table Top exercises.
Cognizant (Nasdaq-100:CTSH) is one of the world's leading professional services companies, transforming clients' business, operating and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant is ranked 194 on the Fortune 500 and is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com or follow us @Cognizant.
About the Team / Business Unit
Corporate Security at Cognizant is an enterprise wide oversight body responsible for the overall security posture of the organization’s physical (tangible) and data (intangible) assets. The group is responsible for aligning the enterprise wide security requirements to business goals through strategic governance and continuous assurance processes. The governance process encompasses development and implementation of policies, standards, best practices and reference frameworks around Risk Management, Data Loss Prevention and data protection. The continuous assurance functions like security risk assessments and audits, security monitoring, and policy compliance activities facilitates strict adherence to enterprise, client and global regulatory and security requirements.
You will work in the Global Cyber Operations team and will be responsible for the following actions:
- Contribute to the execution of Cyber Security operations, incident response and investigations by documenting and managing opportunities for process improvement and best practices.
- Follow up with issue owners to ensure that documented lessons learned are being tracked and remediated.
- Perform Cyber Security operations as directed by the Cognizant standard processes and procedures.
- Provide evidence of audit compliance for ISO 27001, HITRUST, SOC2 and other Internal Audit requirements.
- Provide assistance with metric gathering and reporting of KPI’s related to Cyber Operations.
- Ensure proper security controls in accordance with industry standards, regulations, and global frameworks such as NIST.
- Leverage the GRC case management solution to document and report on incidents to meet audit, compliance and legal requirements.
- Assist the Information Security Officer on Governance, risk and compliance (GRC) management.
- Supports team members on risk management requests and provide subject matter expertise.
- Review Risk Management Plans against risk appetite, exposure and threats
- Develop and document incident response processes, procedures and training program.
Required & nice to have Skills:
- Bachelor’s degree in Computer Science, Electronics, or related field, or equivalent experience
- 1-5 years of experience with Cyber Governance, Risk and Compliance (GRC) and/or Project Management with an emphasis on process improvement.
- Experience with using Windows, Linux, and MacOS and basic internal protocols, including TCP/IP
- Strong attention to detail by achieving thoroughness and accuracy when accomplishing a task.
- Excellent written communication skills
- Strong work ethic with a bias towards action
- Experience with process documentation
Nice to Have/ Your chance to grow:
- CRISC, CISM, CISA, CEH CISSP or Security+ certifications
- Experience with GRC tools such as Archer, MetricStream or ServiceNow
- Security analysis and forensic experience a plus.
If you’re comfortable with ambiguity, excited by change, and excel through autonomy, we’d love to hear from you!
Director, Global Cyber Operations
m. + 32 497 041585