IT Compliance Manager
Chennai, India
Applications have closed
Flex
Flex is a global supply chain & manufacturing solutions provider. We help design, build, & deliver products to make the world a better place.Job Description
To support our extraordinary teams who build great products and contribute to our growth, we’re looking to add a/an IT Manager Compliance located in Chennai
What a typical day looks like:
- 14+ years of total experience of which minimum of 3 years in an IT Compliance, Information Security, Internal Audit or similar role supporting IT SOX, Medical Compliance efforts among other company compliance initiatives.
- Experience in implementing enterprise information security programs based on industry frameworks such as HIPAA/HITECH, ISO 27001/27002, COSO, NIST, SOX etc.
- Strong experience in driving / leading IT control reviews, security, vulnerability, penetration tests, or assessments and evaluations.
- Strong working knowledge of IT processes, risks, and controls in the computer operations, system development, change control, and security functions.
- Ability to clearly interpret and communicate the IT threats, risks and impacts to all levels of the organization.
- Strong project management abilities as well as excellent oral and written communication skills, both verbal and written. Excellent business report writing skills.
- Knowledge of a broad range of security technologies including NextGen Firewalls, DLP, NAC, IDS/IPS, Certificate Management, Identity Access Management, Privileged Identity Management, Multi-Factor Authentication, Mobile Device Management, Endpoint protection, SIEM, Anti-malware, Vulnerability Management, etc.
- CISA, CISM, CISSP or other relevant security-certification(s)is desirable.
- Responsible for development, implementation and management of certification and compliance of the IT organization s compliance with IT General Controls (ITGCs), SOC reporting controls, IT Medical Compliance and other laws & regulations governing the Company
- Plans, designs and executes compliance testing, controls assessment and documentation supporting information security Frameworks (e.g. NIST Cyber Security Framework, ISO, ITGCs, PCI-DSS, Data Privacy, HIPAA) and other compliance requirements, as applicable
- Partners with the IT Infrastructure and Application teams to evaluate the design and effectiveness of the IT control environment and to develop and track the status of remediation efforts
- Facilitates and coordinates with internal and external IT auditors
- Provides accurate, timely communications to Global IT Security Leadership and impacted management to discuss identified deficiencies, leading practices and recommendations for implementation of modifications to improve compliance and mitigate risk
- Reviews testing and analyses performed, monitors evidence gathering for IT control reviews, evaluates results, and confirms conclusions about the adequacy of IT controls. Reviews the work performed and conclusions according to departmental standards
- Supports IT leadership in responding to internal and external queries regarding the IT control environment
The experience we’re looking to add to our team:
- In minimum 14 year experience requirement Minimum of 3 years of should be on the following areas;
- Experience in implementing enterprise information security programs based on industry frameworks such as HIPAA/HITECH, ISO 27001/27002, COSO, NIST, SOX etc.
- Experience with regulations, policy, standards, procedures or other requirements which requires IT compliance (e.g. PCI-DSS, Data Privacy, HIPAA).
- Experience performing IT control assessments over one or more of the following technical areas: Mainframe, UNIX, Windows, SQL Server, Oracle DB, Cloud Technology, or a major ERP application is preferred.
- Experience working with SharePoint and GRC tools is a plus.
What you’ll receive for the great work you provide:
- Health Insurance
- Paid Time off
RK103
Job Category
ITFlex pays for all costs associated with the application, interview or offer process, a candidate will not be asked for any payment related to these costs.Flex does not accept unsolicited resumes from headhunters, recruitment agencies or fee based recruitment services. Flex is an Equal Opportunity Employer and employment selection decisions are based on merit, qualifications, and abilities. Flex does not discriminate in employment opportunities or practices based on: age, race, religion, color, sex, national origin, marital status, sexual orientation, gender identity, veteran status, disability, pregnancy status or any other status protected by law. Flex provides reasonable accommodation so that qualified applicants with a disability may participate in the selection process. Please advise us of any accommodations you request to express interest in a position by e-mailing: accessibility@flex.com. Please state your request for assistance in your message. Only reasonable accommodation requests related to applying for a specific position within Flex will be reviewed at the e-mail address. Flex will contact you if it is determined that your background is a match to the required skills required for this position. Thank you for considering a career with Flex.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Certificate management CISA CISM CISSP Cloud Compliance ERP Firewalls HIPAA IDS IPS ISO 27001 IT infrastructure Mainframe Malware NIST Oracle Privacy SharePoint SIEM SOC SOX SQL SQL Server UNIX Vulnerability management Windows
Perks/benefits: Career development Insurance
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs