Cybersecurity Risk Analyst - Pharma Industry

Job Description:

Job Title: Cybersecurity Risk Analyst

Location: Mumbai (BKC)

Salary Range: Best in industry (It will be on Talisman HR Solutions Payroll)

Working Days: 5 days a week (Mon to Fri) and (Sat and Sun off)

Work Timings: Flexible / US Timezone

Contract: Auto-renewable (performance-based)

Job Description.

• Support broad organizational awareness of cybersecurity policy requirements.
• Influence the organization's cybersecurity posture through maintainence of the Abbott Cybersecurity Framework. Collaborate with cybersecurity subject matter professionals to understand emerging cybersecurity requirements and direct change control workflows to implement necessary changes.
• Inventory, read, analyze, and assess detailed cybersecurity requirements from multiple authorities around the world to determine applicability to Abbott. Make risk-based recommendations to leadership for changes to Abbott’s cybersecurity-related policies.
• Map existing Cybersecurity Framework requirements to key authoritative sources (laws, regulations, industry standards) and participate in the identification and resolution of gaps in existing Cybersecurity Framework requirements.
• Maintain Abbott's Cybersecurity Framework within the Governance, Risk and Compliance (GRC) tool. Maintenance includes facilitation of change control workflows for core content as well as direct changes to the linkages that connect different elements of that core content.
• Manage and facilitate changes to cybersecurity policies, standards, procedures, and other quality-controlled documentation according to process from initiation to implementation.
• Support System Life Cycle (SLC) requirements for Risk & Policy applications in the GRC tool, including preparation of data import files and functional testing.

EDUCATION AND EXPERIENCE, YOU’LL BRING

Required

• 3+ years of related work experience with cybersecurity, IT general controls, IT audit, risk management, or an equivalent combination of education and work experience.
• Strong understanding of risk management principles, regulatory requirements and industry standards and best practices.
• Strong written and verbal communication skills; must be able to effectively communicate to all levels of staff and management.
• Strong analytical skills and the ability to organize work in a logical, thorough, and succinct manner.
• Self-motivated, goal-orientated, and self-directed.
• Must understand risk management concepts, information security, controls and controls testing, IT policy, and fundamental IT technologies including software, infrastructure, databases, cloud services, ERPs, websites.
• Proficiency with MS Office suite (Excel, Word, PowerPoint, SharePoint, Teams, etc.).
• Must be a fast learner, confident, motivated, sensitive to details, organized and able to work on deadlines.

Preferred

• Bachelor’s degree preferred but will consider applicable work experience as it translates to an equivalent degree.
• Experience in the healthcare industry.
• CISSP or similar certification.
• Experience working with GRC tools and solutions (e.g. ServiceNow, Archer).
• Technical writing of formal documentation and processes.
• Experience obtained from employment with a Big 4 accounting firm or a top-tier accounting/consulting/advisory company engaged in internal and external audits.