Lead Analyst - Security Lead

Company Description

WNS (Holdings) Limited (NYSE: WNS), is a leading Business Process Management (BPM) company. We combine our deep industry knowledge with technology and analytics expertise to co-create innovative, digital-led transformational solutions with clients across 10 industries. We enable businesses in Travel, Insurance, Banking and Financial Services, Manufacturing, Retail and Consumer Packaged Goods, Shipping and Logistics, Healthcare, and Utilities to re-imagine their digital future and transform their outcomes with operational excellence.We deliver an entire spectrum of BPM services in finance and accounting, procurement, customer interaction services and human resources leveraging collaborative models that are tailored to address the unique business challenges of each client. We co-create and execute the future vision of 400+ clients with the help of our 44,000+ employees.

Job Description

• Conduct detailed vendor risk assessments, working closely with key partners, to identify and evaluate risks before establishing or continuing operations with third-party vendors. • Use a risk-based approach to conduct reassessment of vendors periodically and monitor third-party vendors’ security practices and compliance with contractual obligation.• Accurately determine the risk rating with qualifications based on the potential impact and likelihood.• Participate in audits or respond to client questionnaires about supplier management.• Deliver online information risk surveys to third-party vendors.• Develop and maintain high-quality risk assessment documentation covering findings, risk statements, risk ratings, justifications and recommendations in risk register.• Provide sufficient information to risk owners and vendors in the development of treatment plans for the effective management of risk. Monitor the execution of risk treatment(s) and evaluate the residual risk.• Contribute to process improvements to continuously mature the Third-Party Risk Management Program and service. Champion the program mission and value proposition throughout the organization.• Respond to emerging threats by coordinating with vendors to understand supply chain impact.• Ability to identify and carry out opportunities for cross functional partnership in ways to improve team processes.

Qualifications

• An Associates degree in Cybersecurity or related field of study is preferred. Candidate must possess a basic understanding of PCI DSS and standard IT security processes and requirements. Candidate must demonstrate an understanding of modern security requirements and architectures and work with the associated groups in order to accomplish the security goals of the company. Additional security certifications (i.e.: CISA, CISM, CISSP, Security +) are preferred.• Experience in the use of Third-Party Risk Management (TPRM) tools, e.g. OneTrust, CyberGRX, UpGuard is preferred.• Experience in the use of vulnerability management software (e.g. Rapid7, Tenable, Qualys) is preferred.