GRC Program Manager
Bengaluru - RGA Tech Park
Unisys
Unisys is a global technology solutions company for digital workplace, cloud, application, infrastructure, enterprise computing and business process solutions.
What success looks like in this role:
- External Audits
- Program manage external audits for ISO standards – ISO 27001, ISO 22301, ISO 9001, ISO 20000 and SSAE18 SOC 1 Type II assessments
- Govern engagement with external audit partners to ensure audits are completed as per plan
- Ensure alignment with internal stakeholders to support the audit activities
- Third Party Risk Management
- Govern TPRM program in collaboration with Unisys Procurement
- Manage TPRM team and ensure TPRM process is completed effectively and efficiently
- Review supplier contracts and ensure security requirements are aligned with Unisys security policy and controls
- Internal Risk Management
- Maintain Unisys GIS Security Risk Register.
- Collaborate with BUs/BISOs and other functions to ensure timely updates to the Risk Register
- Manage Unisys Security Policy Exception program
- Chair Exception Review Board meetings
- Security Awareness Training
- Manage Security Awareness Training program
- Engage internal stakeholders to identify training modules
- Ensure training campaigns are designed and launched as per plan
- Design and deploy program status reports for Unisys management
You will be successful in this role if you have:
Experience
- The candidate should have 15-20 years of work experience in the IT industry with at least 10+ years in the Information Security domain and at least 5 years in the GRC domain
- Preferred background before moving to GRC is hands-on experience in application development, systems engineering, or infrastructure engineering/management
- Should have a good understanding of Audit, Risk, Policy and Compliance
Qualifications and Certifications
- A bachelor's degree in engineering from a reputed institute. MTech or MBA will be an added advantage
- Excellent verbal and written communication skills
- Ability to communicate with Senior stakeholders
- Have knowledge of industry standards like ISO, SSAE18 SOC 1, SOC 2, PCI-DSS etc.
- CISSP/CISA/CISM certificate would be beneficial
- Knowledge of industry standards ISO 27001 and SSAE18 SOC 1 and SOC 2 is a must
- Knowledge of other industry standards PCI DSS, NIST 800-53, CIS Benchmarks, ISO 22301 etc. is preferable
- Understanding of Data Privacy controls, GDPR, Privacy Shield, governing laws and regulations
- Working knowledge of ServiceNow GRC module or reputed GRC tool is a requirement.
- Working knowledge of MS Office, SharePoint and Power BI tools
Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.
This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4). US job seekers can find more information about Unisys’ EEO commitment here.
Tags: Audits Business Intelligence CISA CISM CISSP Compliance GDPR ISO 22301 ISO 27001 NIST NIST 800-53 PCI DSS Privacy Risk management SharePoint SOC SOC 1 SOC 2