Cognizant Enterprise Risk and Security Services, a key organization within Cognizant Technologies, is chartered with delivering security advisory and operational security solutions to Cognizant’s global customers. Our global workforce focuses on delivering best in class security solutions tailored to client security and compliance requirements. This Horizontal business works closely with other Horizontal and Vertical groups to ensure that solutions are delivered in with security by design.
Position Description
Cognizant requires an Advisory Principal to direct the execution of Cognizant’s Security Solutions practice delivering global enterprise security solutions to our customers covering the full range of security technologies and services. This leader will work within the Cognizant Global delivery framework based out of India to manage delivery of risk / security advisory/consulting programs and teams.
The successful candidate will have a track record of performing consulting assignments, providing points of view, recommendations for customers to help manage their risks and security infrastructure.
We are flexible with candidate location but travel to client sites in Derby/London will be required .
Key Responsibilities
In this role, the Principal Consultant will
- Define and execute end to end Consulting Led / Advisory practice engagements including proposal development, core delivery encompassing performing assessments, gap analysis, stakeholder interviews and coming up with strategy, recommendations, and implementation plan.
- Define and execute Advisory management strategies including escalation management, streamlining delivery process, control of margins and operations
- Engage with internal business and matrix technology teams to analyze the current state of security processes and systems of customers, then use that information, along with business strategies to envision the future state in accordance with customer business needs
- Collaborate closely with designers, engineers, and other cross-functional team members within the organization to ensure that our products are built to the highest security standards.
Qualifications:
- The ideal candidate should have good experience and a strong Information Security Technology specifically in Risk Management and Security
- should have Security Consulting, Professional Services and Managed Services experience
- should have leadership and management talents to build and grow a security practice in a transformational and innovative organization
- should have strong understanding of the business impact of security tools, technologies and policies.
- should possess deep domain knowledge in Governance, Risk and Compliance preferably with Audit background and must possess technical expertise in 2 of the associated infosec domains: Cyber (TM/VM), IAM, SOC, Cloud Security and Security Outsourcing
- must have performed gap assessments for regulatory requirements from PCI, HIPAA, HITRUST, GDPR etc
- must have deep knowledge of standards and risk management frameworks ISO 27001/2, NIST, COBIT, CSA CCM
- must possess high proficiency in using MS office specifically Word, Excel, powerpoint
- should possess a knowledge of enterprise security environments, experience in security consulting services including impact on GRC from next generation solutions for IOT, Cloud etc
- should have demonstrated ability to create and maintain CISO, CSO-suite relationships, act as Trusted Advisor and derive business from those relationships.
- should be well versed in security Policies & standards, security GRC and Security Audit practices
- should have expert level understanding of the information security vendor landscape specifically in GRC domain including Archer, Metric Stream etc
- should work collaboratively with other Cognizant practices and geographic regions to ensure that Cognizant continues to operate effectively as one firm
Educational Requirements:
- Advanced degree in Information Security or related technical discipline.
- Holds security certifications such as SSCP, CISM, CISSP, CCSO, GSEC or other related information security related industry certification.
General Knowledge, Skills and Abilities
The successful candidate possesses:
- A personal style that is viewed as open-minded and collaborative
- The ability to work successfully in a flat, collaborative, highly matrixed environment
- Excellent communicator with proven ability to clearly convey complex ideas and data in written, presentation and spoken formats to a variety of audiences, including customers, partners, sales, analysts, journalists and social media
- Outstanding project management skills and the proven ability to manage multiple complex initiatives in parallel
- Ability to effectively write and communicate complex issues in an easy to understand manner
- Ability to clearly articulate positions on a variety of issues
- Ability to be candid, open and consistent in communicating
- Ability to share information with awareness of its effect on others
- Ability to demonstrate a balance of speaking and listening so that neither is overly dominant
- Ability to tailor written communications to audience, avoiding technical jargon
