Nissan is a pioneer in Innovation and Technology. With a focus on Mobility, Operational Excellence, Value to our Customers, and Electrification of vehicles, you can expect to be part of a very exciting journey here at Nissan. Nissan is going after a massive Digital Transformation backed by leading technologies across the organization globally. We are committed to building a diverse, entrepreneurial organization, and our current team is strong evidence of that. Our people are what drive the business forward. At Nissan Digital, you will be part of a dynamic team with ample opportunities to grow and make a difference.
Position Description
Information Security risk assessments help review system/application/vendor architecture and controls from a perspective of cyber security risks and help provide recommendations to mitigate the identified risks. Manager Information Security GRC is responsible for maintaining a robust Risk Management framework by evaluating applications hosted on prem or cloud, systems and external vendors to help reduce the security risks from cyber threats by highlighting remediation measures and advising on implementing corrective controls.
Responsibilities
Lead risk management program, planning and implementing compliance and risk assessment activities. This includes exception handling, Business Impact Assessment (BIA), and Business Continuity Planning (BCP). Security documentation governance – create, review, revise, and publish documents. Foster and sustain a positive security culture through security awareness initiatives Support the development of the GRC framework and ensure its proper operation; define and formulate the necessary processes related to GRC. Review risk exceptions per security processes, maintain risk register, and liaise with business units for tracking and closure. Support emergency security response in the event of a company-wide security incident or discovery of a significant security risk. Build, review, and sustain information security metrics program with periodic dashboards and reports to management. Serve as subject matter expert on Nissan security policy, processes, standards and best practices.
Competency Requirement
Manager Information Security GRC should have extensive experience in the coordination of program.
Perform risk assessments on systems, applications, and vendors and track open findings with business units for remediation and closure. Experienced in the development and implementation of information security policies, standards, and related procedures for security programs Experienced in cloud security assessments and defining security controls. Ability to assess environments against a wide variety of security, privacy, and compliance frameworks – ISO27001, NIST CST, SOC2, CMMC, WP29/UN-R155 Experienced in third-party risk assessment – program management, reviews, and closure Ability to handle end-user queries on information security matters independently Hands-on experience in security GRC workflow process automation tools like OneTrust, RSA Archer, etc Working knowledge of
Cyber and Cloud Security risks and controls
Security operations
System security engineering
Application Architecture reviews, SDLC, security tools and technologies
CSA Cloud Controls Matrix
Phishing simulation exercises
GDPR, SOX, PCI-DSS, SOC2, ISO 27001, Indian Digital Protection Data Protection Act
NIST Cybersecurity Framework
GRC (governance, risk management, compliance) – ITGC
Familiarity with automotive security standards like ISO/SAE 21434, UNECE WP.29 R155 CSMS
Experience
10 to 12 years experience in Cyber Security GRC with specific experience in systems risk and operational risk management
Desired Certifications & Skills
Qualifications
Trivandrum Kerala India
Job Description We never ask for payment as part of our selection process, and we always contact candidates via our...
Apply For This JobJob Description External Description: Our Company- Teradata is the connected multi-cloud data platform for enterprise analytics company. Our enterprise analytics...
Apply For This JobJob Family Descriptor Drive regular operations maintenance of IT infrastructure applications and database including delivery of infrastructure projects Continously strive...
Apply For This JobJob Description Job Description Details: IAM Specialist/IT Security Analyst, Sr (IAM): To be part of a global security services project...
Apply For This JobRisk Advisory | Cyber| SAP IT| JAVA Developer What impact will you make Every day, your work will make an...
Apply For This JobJob Description Reporting to the head of Voice and Video, this role is responsible for the design and day-to-day support...
Apply For This Job