Sr. Analyst, Information Security Governance, Risk & Compliance
Virtual Office (Tamil Nadu)
GenesysGenesys is a leader for omnichannel customer experience & contact center solutions, trusted by 10,000+ companies in over 100 countries.
Build something new with a world-class team.
At Genesys, we allow our employees to make their mark by entrusting them to make decisions and do what they’ve been hired to do: their very best. Your potential is waiting; why are you?
The InfoSec GRC Sr. Analyst will report to the Director of Information Security, Governance, Risk & Compliance and participate as a key member of the Information Security & Compliance Team.
Assist in managing a compliance program for a portfolio of internal/external audits & certifications, ensuring documented and sustainable compliance practices across the company.
Assist with the implementation and direction of compliance processes to automate and continuously monitor information security controls, exceptions, risks, testing, and evidence artifacts. Develops reporting metrics and dashboards.
Assists control owners in defining responsibilities and control standards for regulatory and compliance goals – including but not limited to the following audits and certifications: SOX, PCI, HIPAA, SOC1/2, FED RAMP, HITRUST, ISO 27001/27017/27018, Cyber Essentials, etc.
Map and maintain common controls framework and control scope/applicability for a portfolio of compliance initiatives and information security policies.
Assists in the establishment of an Information Security GRC Center of Excellence by providing audit and assurance services to support a portfolio of compliance projects. Provide compliance subject matter expertise and advisory services to stakeholders/control owners.
Documents and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares stakeholders' reports to track remediation activities. Evaluate & report any security/compliance risks to track as part of the company risk register. Consults on developing security standards, procedures, and controls to manage risks.
Gather requirements guide assigned controls within the centralized GRC tool & audit/certification document repository to care for compliance program information across the company. Work with business unit/product level compliance teams to strengthen and align to a shared company compliance plan and organization approach/methodologies to ensure streamlined, lean, effective, and agile processes.
Provides dashboards and reports based on regular assessments and testing of the effectiveness and efficiency of controls.
Perform operational activities related to the compliance program and escalate deviations when needed.
Perform audit services including risk and gap assessments to business units as needed.
Provide input on responses for company-wide compliance-related customer/partner/third-party requests.
Practice Agile methodologies and promote/strengthen automation across all initiatives to promote a higher level of work quality and act as a model for others to emulate.
Bachelor's Degree in Computer Science or equivalent field of study
10+ years of experience working with applicable information security management, governance, and compliance principles, practices, laws, rules, and regulations
10+ years of experience in Information systems auditing, monitoring, controlling, and assessment process
Proficiency in Risk assessment and direction methodology
Proficiency in working with recognized IT Security-related standards and technologies.
Ability to function effectively within cross-functional and interdisciplinary teams to achieve tactical and strategic goals. This is a highly responsible position that requires both quantitative and interpersonal skills.
Demonstrated project management, organizational, and facilitation skills.
Excellent communication and presentation skills. Demonstrated ability to serve as an effective member of the InfoSec GRC team and ability to communicate security-related concepts to a broad range of technical and non-technical management and staff.
High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.
CISSP, CISM, CISA, ITIL, or GIAC certifications desired.
If a Genesys employee referred you, please use the link they sent you to apply.
Every year, Genesys orchestrates billions of remarkable customer experiences for organizations in more than 100 countries. Through the power of our cloud, digital and AI technologies, organizations can realize Experience as a Service™ our vision for empathetic customer experiences at scale. With Genesys, organizations have the power to deliver proactive, predictive, and hyper personalized experiences to deepen their customer connection across every marketing, sales, and service moment on any channel, while also improving employee productivity and engagement. By transforming back-office technology to a modern revenue velocity engine Genesys enables true intimacy at scale to foster customer trust and loyalty. Visit www.genesys.com.
If you require a reasonable accommodation to complete any part of the application process or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you or someone you know may complete the Reasonable Accommodations Form for assistance. Please use the Candidate field in the dropdown menu to ensure a timely response.
This form is designed to assist job seekers who seek reasonable accommodation for the application process. Submissions entered for non-accommodation-related issues, such as following up on an application or submitting a resume, may not receive a response.
Genesys is an equal opportunity employer committed to diversity in the workplace. We evaluate qualified applicants without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, marital status, domestic partner status, national origin, genetics, disability, military and veteran status, and other protected characteristics.
Please note that recruiters will never ask for sensitive personal or financial information during the application phase.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Perks/benefits: Career development
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Security Analyst jobs
- Open o365 Security Architect jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Researcher jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open SOC-related jobs
- Open GCP-related jobs
- Open Risk assessment-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs
- Open DoD-related jobs
- Open APIs-related jobs
- Open Splunk-related jobs
- Open EDR-related jobs