Lead Analyst - Security Lead
Mumbai, India
WNS Global Services
Company Description
WNS (Holdings) Limited (NYSE: WNS), is a leading Business Process Management (BPM) company. We combine our deep industry knowledge with technology and analytics expertise to co-create innovative, digital-led transformational solutions with clients across 10 industries. We enable businesses in Travel, Insurance, Banking and Financial Services, Manufacturing, Retail and Consumer Packaged Goods, Shipping and Logistics, Healthcare, and Utilities to re-imagine their digital future and transform their outcomes with operational excellence.We deliver an entire spectrum of BPM services in finance and accounting, procurement, customer interaction services and human resources leveraging collaborative models that are tailored to address the unique business challenges of each client. We co-create and execute the future vision of 400+ clients with the help of our 44,000+ employees.
Job Description
• Conduct detailed vendor risk assessments, working closely with key partners, to identify and evaluate risks before establishing or continuing operations with third-party vendors. • Use a risk-based approach to conduct reassessment of vendors periodically and monitor third-party vendors’ security practices and compliance with contractual obligation.• Accurately determine the risk rating with qualifications based on the potential impact and likelihood.• Participate in audits or respond to client questionnaires about supplier management.• Deliver online information risk surveys to third-party vendors.• Develop and maintain high-quality risk assessment documentation covering findings, risk statements, risk ratings, justifications and recommendations in risk register.• Provide sufficient information to risk owners and vendors in the development of treatment plans for the effective management of risk. Monitor the execution of risk treatment(s) and evaluate the residual risk.• Contribute to process improvements to continuously mature the Third-Party Risk Management Program and service. Champion the program mission and value proposition throughout the organization.• Respond to emerging threats by coordinating with vendors to understand supply chain impact.• Ability to identify and carry out opportunities for cross functional partnership in ways to improve team processes.
Qualifications
• An Associates degree in Cybersecurity or related field of study is preferred. Candidate must possess a basic understanding of PCI DSS and standard IT security processes and requirements. Candidate must demonstrate an understanding of modern security requirements and architectures and work with the associated groups in order to accomplish the security goals of the company. Additional security certifications (i.e.: CISA, CISM, CISSP, Security +) are preferred.• Experience in the use of Third-Party Risk Management (TPRM) tools, e.g. OneTrust, CyberGRX, UpGuard is preferred.• Experience in the use of vulnerability management software (e.g. Rapid7, Tenable, Qualys) is preferred.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Audits Banking CISA CISM CISSP Compliance Finance PCI DSS Qualys Risk assessment Risk management Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs