Experience Inc. Jobs

Home View All Jobs (2,157,566)

Job Information

BlackBox Risk & Compliance Analyst in Bangalore, India

Purpose of Job:

The Risk & Compliance Analyst is an indirect customer facing position , where the resource has ownership and is responsible for reviewing new and existing contracts form a risk , security, compliance perspective as they come in for review for sign-off before BlackBox enters a legal agreement with any other entity. The analysis required is for evaluating contents of the contract for IT Compliance to any global or local regulations and service expectations, Risks, business service expectations, security expectations and compliance keeping BlackBox interests and capabilities in mind for delivery and adhering to defined business and IT service level expectations. The role will also be responsible for maintaining organization policies , coordinating external customer/vendor IT Audits, ensuring adherence to IT controls, and coordinating external customer/vendor audit & control remediation activities – internally and externally. This position will take an advisory role in making sure data privacy and governance procedures contain the right level of controls and responsibilities to support risk and compliance oversight across the organization. A good understanding and experience / exposure with global industry standards, regulatory compliance requirements, data privacy laws , security standards etc. is required.

Primary Roles & Responsibilities:

  • Understand Blackbox Internal Business services and review proposed customer contracts for compliance, risks and regulatory issues

  • Coordinate external & Internal audits of the Blackbox IT environment and collate evidence submitted by technical team

  • Develop and maintain both continuous and spot check, autonomous and manual audit processes

  • Educate users on IT controls processes and play an advisory role internally.

  • Perform end – to end contracts evaluation for risk , compliance , and security evaluations and expectations.

  • Report compliance results & metrics to executive teams

  • Provide continual improvement objectives to better align to external requests

  • Build a strong knowledge and understanding of systems and processes

  • Assist in development of data governance processes and RACI

  • Review and update internal corporate Policies based on Industry best practices and Regulatory requirements

  • Understand and document Data workflows and lifecycles

  • Establish Processes to improve the life cycle Management of Contracts

  • Possess experience or good knowledge on IT controls mapping as per global standards.

  • Knowledge, Skills, Abilities:

  • Strong familiarity with risk, compliance, and audit frameworks and the various ways they are applied in IT environments

  • Understanding of Global data privacy and security regulations – like GDPR, CCPA etc. both at global and US state levels for data privacy laws and requirements.

    • Ability to scope, assess, and revise contracts and suggest edits based on business drivers and compliance needs.

  • Ability to find root cause of control failures and mitigate risks accordingly

  • Ability to create and maintain policies, procedures and guidelines for the Company and maintain its lifecycle in SharePoint

  • Ability to educate the company employees and respond to policy related queries.

  • Ability to implement controls in a diverse technical and geographically distributed environment to mitigate risk

  • Ability to convince a highly varied audience to follow prescribed controls

  • Comfort with presenting progress reports and results to senior leadership

  • Understanding of process design and compliance terminology

  • Ability to write and speak clearly, consistently, and concisely

  • Ability to Multitask responses to multiple Contracts and meet given deadlines

  • Ability to be self-driven, Motivated with end-to-end ownership on contracts management

  • Excellent Audit Life Cycle Management skills , Expert use of Excel sheet , Word document management , PPT, ability to track documents versions, evidences etc.

Education/Experience Requirements:

  • BA business or information technology or equivalent experience.

  • 4-5+ years of prior experience in IT risk, auditing, Contracts evaluation, and/or compliance strongly preferred.

  • Knowledge of working with US & Global regulations and compliance requirements like HIPAA , PCIDSS , GDPR and US state level laws like CCPA etc.

Frameworks / Industry Standard & Regulations

  • Data Privacy Laws like GDPR, CCPA,

  • PCIDSS, SOC2, HIPAA

  • Security and Assurance standard like NIST 800-53 controls, NIST CSF, CIS controls , ISO 27001 standards

  • Supervisory Responsibility:

This position may take on a leadership role of other employees in other teams to engage in responding to certain compliance and IT audits requirements Certifications Desired / Preferred

  • CISA and/or CRISC and/or CGEIT

  • ISO 27001 L.A or CISM or CISSP – Desirable.

DirectEmployers