Lead - Risk and Compliance Analyst

SystemsPlus is hiring for Exp : 8yr+Location PuneNight Shift.This role will be expected to assist with the implementation of leading security and governance practices, procedures, and controls to protect information assets and ensure compliance with applicable regulatory requirements. IT Compliance (3rd Party Risk Management (80%)Responsible for independently maturing Carter’s IT 3rd Party Risk Management program Responsible for leading the implementation of the IT 3rd Party Risk Management program for all of CRI.Partner and support the Director of IT Risk and Compliance with the selection of 3rd Party Risk Management Framework High level of professional written and verbal communication is needed in this role. This role is responsible for partnering with every LT member and their team that owns any vendor relationships and providing strong recommendations on how to handle vendor management within the Carter’s. Role needs to be able to explain the business case and collaborate effectively with multiple challenging high-level stakeholders.Responsible for preparing and reporting IT 3rd Party Risk Management status and key metrics to Executive Management.Responsible for analyzing all vendors to determine Carter’s Tier 1 through Tier 3 vendors and implementing a cycle for periodic reviewsEvaluates and updates IT security policies, procedures, and standards to ensure alignment with applicable security control requirementsAssist the VP of Procurement to build out the vendor management global program for Carter’sReview guidelines related to IT 3rd party risk management, and coordinate with various teams to ensure compliance with requirementsManage and upkeep of data maps process i.e., workflows within One Trust that handle IT 3rd party vendor management dataMonitoring and management 3rd party vendor investigation as appropriate including collaborating with business partners who own the vendor relationship Coordination of IT 3rd party vendor management external systems in support of internal groupsAssist with other IT 3rd party vendor management compliance needs for Carter’s IT Risk Management (20%)Assists with the execution of IT security risk assessments against industry leading security controls frameworksRegularly updates metrics and analysis to track remediation progress and demonstration of control maturity and effectiveness Evaluates the adequacy and effectiveness of safeguards protecting sensitive Company informationAssist with the Cyber Security semiannual review process SECONDARY FUNCTIONS (IF APPLICABLE - ANY DUTIES NOT CONSIDERED ESSENTIAL)As needed, independently researches 3rd party risk management related assignmentsAssists with special projects and risk mitigation objectivesJOB REQUIREMENTS (MINIMUM COMPETENCIES REQUIRED FOR JOB PERFORMANCE)Experience implementing 3rd party risk management plans The ability to think critically, assess and quantify technology risk, document complex processes, and collaborate effectively with cross-functional stakeholders is requiredPRIOR WORK EXPERIENCE AND EDUCATIONAL REQUIREMENTSBachelor’s degree is required, technical degree is preferredProfessional certification (CISA, CISM, CGEIT, CRISC or similar) Prefer 8+ years of experience related to building and implementing IT 3rd party risk management programs Interested candidate drop CV here

Apply Now