Xerox Governance, Risk & Compliance Specialist in Gurugram, India
Governance, Risk & Compliance Specialist
City: Gurugram, Bangalore, Cochin
State/Province: Haryana, Karnataka, Kerala
Department: Information Management
Date: Tuesday, March 23, 2021
Working time: Full-time
Job Level: Individual Contributor
Job Type: Experienced
Job Field: Information Management
Seniority Level: Associate
Description & Requirements
Xerox (NYSE: XRX) makes every day work better. We are a workplace technology company, building and integrating software and hardware for enterprises large and small. As customers seek to manage information across digital and physical platforms, Xerox delivers a seamless, secure and sustainable experience. Whether inventing the copier, the ethernet, the laser printer or more, Xerox has long defined the modern work experience. Learn more at www.xerox.com and explore our commitment to diversity and inclusion. (https://www.xerox.com/en-us/jobs/diversity)
Designation: Governance, Risk & Compliance Specialist (Analyst II, IM Security)
Location: Bangalore, Gurgaon, Kochi
Timings: 1 PM to 10 PM(IST)
Experience: 8 to 12 years
Qualification: BE/BTech/MCA, CISSP Certification Preferred
This position is responsible for the Governance, Risk and Compliance (GRC) management processes within the Xerox Cyber Security organization. The qualified candidate is responsible for building and deploying effective policies, processes and controls across the enterprise in collaboration with business, IT and other Cyber Security professionals. This role will specialize on a specific technology and/or risk management discipline. Examples of specialization areas can be any technology, technique, method, product or application area as they pertain to the disciplines of information security, privacy, disaster recovery, and regulatory compliance.
Support the development and maintenance of Cyber Security policies, standards, and guidelines in alignment with applicable laws, common security frameworks and leading practices
Participate in development of training curriculum, conduct security awareness campaigns and evaluate their effectiveness
Review and revise security policy and standards at regular cadence
Conduct gap assessments and facilitate management of compliance programs including ISO 27001, PCI, FedRAMP, SOC1, SOC2, etc.
Carries out risk assessment within a defined functional or technical area of business.
Uses consistent processes for identifying potential risk events, quantifying and documenting the probability of occurrence and impact on the business.
Applies standard procedures to enhance security or resilience to system interruptions.
Can take immediate action in an incident to limit business impact and escalates event to higher authority.
Monitors status of risks, and reports status and need for action to senior management.
Knowledge and Skills Required:
Strong knowledge of and experience in security requirements, standards and practices including NIST CSF, NIST 800-53, ISO 27001, PCI DSS, SOC2, COBIT, GLBA, SOX, GDPR, OWASP Top 10, SANS Top 25, etc.
Strong understanding of and/or prior experience in one or more of the following:
Security Governance and Policy Management
Risk Assessment, Treatment and Management
Third Party Risk Management
Security Training and Awareness
Security Compliance Management
A broad understanding across security domains
Prior experience in developing or implementing common controls framework would be a huge plus
Ability to document, follow, execute and continually improve a detailed process
Strong organizational and attention to detail skills
Strong written and oral communication skills
Experience working across multiple teams on projects
Ability to communicate with all levels of management
Xerox is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity or expression, sex, marital status, sexual orientation, physical or mental disability, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. Learn more at www.xerox.com and explore our commitment to diversity and inclusion! People with disabilities who need a reasonable accommodation to apply or compete for employment with Xerox may request such accommodation(s) by sending an e-mail to XeroxStaffingAdminCenter@xerox.com. Be sure to include your name, the job you are interested in, and the accommodation you are seeking.
© 2020 Xerox Corporation. All rights reserved. Xerox® and Xerox and Design® are trademarks of Xerox Corporation in the United States and/or other countries.
- Xerox Jobs