Senior Analyst, Cybersecurity Risk Management – Chennai, India

REFID279549

Information Security Senior Analyst required to join a forward-thinking and transformational GRC Function within the Global Cyber Risk Team, providing risk management expertise, a business interface, technical to business risk translation and effective communication skills to risk owners throughout the organization and the wider Information Security Function. Building relationships and steering the global organization in its challenge to maximise productivity while reducing risk and improving its security posture. 

Reporting to the Information Security Manager – Global Cyber Risk, with wider contact and working relationships across the wider GRC Team and entire Global Information Security Function, the role is responsible for all elements of Cyber Risk Management, including but not limited to: 

Responsibilities

• Building relationships with Information Security Function members, technical and non-technical.
• Conducting technical risk assessments on escalated issues and vulnerabilities.
• Advising on likely risks with solution designs and business activities; 
• Capturing risks through relationship management and knowledge of business activities.
• Reporting risks to risk owners, business teams and technical teams.
• Guiding risk owners and those responsible on the treatment of identified risks.
• Contributing insight towards the analysis of the overall organisational risk posture.
• Tracking and managing risks, issues and exceptions.
• Managing the Information Security Risk Register. 

The successful candidate may also be required to contribute towards major transformation projects designed to improve the security posture of the organisation, drive culture change and awareness, increase effectiveness of security initiatives, optimise day to day security work, ISMS development and implementing new ways of working. 

• 1-3 years Experience of applying Information Security Risk Management Methodologies across various Information Security Issues, both technical and procedural; preferably with in-house Information Security Team experience and preferably within a global organisation providing technical solutions to clients.
• Experience in prioritising and tailoring Information Security objectives and risk mitigations to business objectives.
• Knowledge of Risk Management Frameworks or best practice Risk Methodology such as IRAM2, ISO27005 or the NIST Risk Management Framework (RMF).
• Verbal communication skills with the developing ability to translate technical information into business-relevant information, and maintain close working relationships, presenting the need for security to employees in a manner that encourages positive engagement and demonstrates the benefits of security in improving performance and profitability.
• Written communication skills with the developing ability to articulate risks in both a technical and business-relevant format, develop training and awareness campaigns in a clear and concise manner, and write policies and procedures in an understandable and unambiguous style.
• Foundational Security Certification such as CISMP or Security+. 

 DESIRABLE 

• Knowledge of complete Information Security Frameworks such as NIST or CIS, OWASP and its application in solution designs in line with secure design principles; Penetration Testing methodologies and Vulnerability Management;  Incident Escalation and Security Incident Management practices.
• Any area of technical security expertise is not required but is welcome and will be strongly considered, including: Hands-On Network Security and Configuration, Penetration Testing, Hands-On Cloud Security Architecture, Intrusion Analysis or Computer Forensics, and Security Engineering, Secure Code Analysis or DevSecOps.
• Any recognised certification relating to the above areas of technical security expertise.
• A University Degree in Cyber Security, Computer Science or another relevant discipline. 

• Enjoy a flexible and rewarding work environment with peer-to-peer recognition platforms.
• Recharge and revitalize with the help of wellness plans made for you and your family.
• Plan your future with financial wellness tools.
• Stay relevant and upskill yourself with career development opportunities.

About NIQ

NIQ is the world’s leading consumer intelligence company, delivering the most complete understanding of consumer buying behavior and revealing new pathways to growth. In 2023, NIQ combined with GfK, bringing together the two industry leaders with unparalleled global reach. With a holistic retail read and the most comprehensive consumer insights—delivered with advanced analytics through state-of-the-art platforms—NIQ delivers the Full View™.

NIQ, is an Advent International portfolio company with operations in 100+ markets, covering more than 90% of the world’s population. For more information, visit NIQ.com.

Want to keep up with our latest updates?

Follow us on: LinkedIn | Instagram | Twitter | Facebook

Our commitment to Diversity, Equity, and Inclusion

NIQ is committed to reflecting the diversity of the clients, communities, and markets we measure within our own workforce. We exist to count everyone and are on a mission to systematically embed inclusion and diversity into all aspects of our workforce, measurement, and products. We enthusiastically invite candidates who share that mission to join us.

We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability status, age, marital status, protected veteran status or any other protected class. Our global non-discrimination policy covers these protected classes in every market in which we do business worldwide.

Learn more about how we are driving diversity and inclusion in everything we do by visiting the NielsenIQ News Center: https://nielseniq.com/global/en/news-center/diversity-inclusion/

NIQ or any of our subsidiaries will never ask you for money at any point of the recruitment or onboarding process.