Job Summary
Serve as a GRC Specialist with deep experience in cloud native security risk and compliance to strengthen enterprise controls and protect critical data assets in a hybrid work setting. Apply expertise in GCP native security vulnerability and compliance management vendor risk oversight and ServiceNow GRC to embed governance into daily operations while enabling secure innovation for global stakeholders.
Responsibilities
- Should have information security background 3 - 5 years.
- Capable of understanding and assessing gaps based on frameworks such as NIST CIS etc.
- Able to support during EST/PST hours for collaboration.
- Should be comfortable drafting presentations and co-ordinate with key stakeholders.
- Willing to learn and deliver on the job
Scope and Key Deliverables
Deployment 1 CJ 2.1 Existing Applications
1. Check the Survey questionnaire.
2. Gap Assessment for v2.1 controls.
3. Pre-population of control questionnaire with answers from Survey Questionnaire.
4. Send pre-populated control questionnaire to SMs for re-certification.
5. Identify Gaps & Remediation.
6. Raise Exception or Submit evidence for remediation to close the gap.
7. Pending CJ 2.0 tasks.
8. Get approvals for exceptions in progress.
9. Track status of controls for approved exceptions.
Deployment 2 CJ 2.1 New applications
1. Document the process for onboarding new applications into CJ 2.1.
2. Revalidation of existing CJ data and Tier.
3. Identification of new CJ data and Tier.
4. CJ Applicability Assessment.
5. Perform CJ applicability assessment for each application.
6. Identify new applications from New Entities for onboarding into CJ 2.1.
7. Identify new applications from existing entities for onboarding into CJ 2.1.
8. Get inventory of Applications to be scoped for CJ 2.1.
Deployment 3 CJ 2.1 Metrics & Dashboards
1. Produce data for generating the Reports Metrics & Dashboards.
Qualifications
- Demonstrate seven to nine years of specialized experience in governance risk and compliance functions with significant exposure to enterprise scale technology environments.
- Apply strong hands on expertise in GCP native security capabilities such as identity management logging configuration assessment and data protection to secure cloud workloads.
- Use solid background in vulnerability management tools practices and coordination to ensure timely identification prioritization and remediation of technical weaknesses.
- Bring proven experience in compliance management by interpreting regulatory frameworks and industry standards and translating them into practical control activities for technology teams.
- Show practical knowledge of vendor risk management by evaluating third party security controls contracts and attestations to protect information shared with external partners.
- Utilize experience with ServiceNow GRC configuration workflows and reporting to build structured governance processes that reduce manual effort and improve traceability.
- Apply incident management experience in assessing security and compliance events coordinating with responders documenting actions and supporting continuous improvement initiatives.
Acerca de Cognizant
Cognizant (Nasdaq: CTSH) es un creador de soluciones de IA y proveedor de servicios tecnológicos que conecta la inversión en IA con el valor empresarial mediante el desarrollo de soluciones de IA full‑stack para sus clientes. Su profundo conocimiento de la industria, junto con su experiencia en procesos e ingeniería, permite incorporar el contexto único de cada organización en sistemas tecnológicos que amplifican el potencial humano, generan resultados tangibles y mantienen a las empresas a la vanguardia en un entorno en constante cambio. Más información en cognizant.ai o @cognizant.
Información adicional sobre el empleo
La información sobre la compensación es exacta en la fecha de publicación de este anuncio. Cognizant se reserva el derecho de modificar esta información en cualquier momento, de conformidad con la legislación aplicable.
Es posible que se solicite a los solicitantes que asistan a entrevistas de forma presencial o mediante videoconferencia. Asimismo, durante cada entrevista, los candidatos podrán estar obligados a presentar un documento de identidad válido emitido por el estado o por el gobierno.
Cognizant es un empleador que ofrece igualdad de oportunidades. Su solicitud y candidatura no se evaluarán en función de la raza, el color, el sexo, la religión, el credo, la orientación sexual, la identidad de género, el origen nacional, la discapacidad, la información genética, el embarazo, la condición de veterano ni cualquier otra característica protegida por las leyes federales, estatales o locales.
