The Job logo

What

Where

Specialist, IT Risk & Compliance

ApplyJoin for More Updates

You must Sign In before continuing to the company website to apply.

Smart SummaryPowered by Roshi
The Specialist, IT Risk and Compliance is responsible for ensuring the IT Controls are working as designed and Compliance is met. The incumbent is able to interact with internal and external stakeholders and provide support and guidance around IT policies, risk and compliance.

Summary: 

The Specialist, IT Risk and Compliance is responsible for ensuring the IT Controls are working as designed and Compliance is met. The incumbent is able to interact with internal and external stakeholders and provide support and guidance around IT policies, risk and compliance.

 

Detailed Description: 

Performs tasks such as, but not limited to, the following:

  • IT SoX controls testing monitoring based on the IT SoX requirements. 
  • Participates in the IT Risk assessments around data in scope for SoX and Crown Jewels 
  • Support the Data Loss Prevention program.
  • Assist in developing and maintaining Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for the Data Governance Security Program and initiatives.
  • Provide guidance on IT controls improvements and implementation, assisting with the IT controls updates and re-design
  • Participates on IT compliance projects and ensures team members are provided with timely and accurate project information and status updates. 
  • Participates in the audit process - enforces compliance measures to ensure audit readiness and assists internal and external auditors with the audits.
  • Leadership - provides performance feedback on team members as well as instructs and supervises the work of IT Student Interns.
  • Assists with policy and process changes to ensure the documents are up to date
  • Interfaces with the business and IT teams where required to apply IT controls and/or improvements to the existing IT controls.

 

Knowledge/Skills/Competencies: 

  • In-depth knowledge of the IT General Controls framework process. 
  • Data security/privacy experiences including but not limited to, data classification, data encryption, data desensitization, etc
  • Must have experience in designing and implementing the data security solutions
  • Applicable experience with information security technologies including GRC technology platforms, encryption, Data Loss Prevention (DLP).
  • Knowledge of the latest technical developments in encryption technologies. 
  • Ability to provide assistance around ITGC to individuals outside the immediate work unit/team. 
  • Knowledge of Celestica’s technology, business and IT strategies. 
  • Knowledge of IT analysis, design and development. 
  • Proficient in IT Security 
  • Proficient in Data Management and Analytics 
  • Proficient in Delivering Initiatives within the Operating Model 
  • Intermediate level of understanding in Project Management 
  • Intermediate level of understanding in Architecture and Solution Integration  
  • Proficient in Business Partnering 
  • IT Penetration Testing 
  • Proficient in IT Risk Management  
  • Proficient in IT SoX Compliance 
  • IT Security Architecture 
  • IT Compliance Standards and best practices  
  • Ability to work in a team environment 
  • Change Management and project management skills 
  • Excellent resource management and prioritization skills. 
  • Excellent analytical skills 
  • Excellent verbal and written communication skills 
  • Knowledge of IT SoX audit framework and requirements 
  • Knowledge of IT audit procedures and techniques
Set alert for similar jobsSpecialist, IT Risk & Compliance role in Chennai, India
Celestica Logo

Company

Celestica

Job Posted

a year ago

Job Type

Full-time

WorkMode

Hybrid

Experience Level

3-7 years

Category

IT Services and IT Consulting

Locations

Chennai, Tamil Nadu, India

Qualification

Bachelor

Applicants

Be an early applicant

Related Jobs

Celestica Logo

Specialist, IT Risk & Compliance

Celestica

Chennai, Tamil Nadu, India

Posted: a year ago

Performs tasks such as, but not limited to, the following: Coordinate with key stakeholders to initiate, scope and plan cybersecurity risk controls assessments of new and existing high risk suppliers. Assists with the implementation of risk management programs/ frameworks while identifying and minimizing negative impacts to the business. Develops and implements risk mitigation strategies. Acts as a subject matter expert in the evaluation, development and implementation of an internal control system. Participates in the IT Risk assessments - serve as a third party risk assessor, performing risk assessments by evaluating third party attestations, performing control design review, and control implementation validation.   Make meaningful risk mitigating recommendations to directly improve the third party risk posture of Celestica.  Builds effective relationships with internal/external stakeholders. Ensures alignment between stakeholders. Develops, documents and maintains business/group procedures updating and obtaining approvals as regulations or the operating environment changes and communicates changes to the business/group & relevant stakeholder groups. Tracks exception/exemption requests and corresponding approvals. Builds awareness, knowledge, and skills and, as necessary, provides communication, practical tools and ongoing support including making presentations, to promote a culture of risk identification and management. Recommends adjustments to the overall program, policy or processes within the business/group in accordance with the Risk Appetite Statement, Governance and Corporate Policy. Supports the business/group through internal/external audits or regulatory examinations and assists in development of action plans to resolve any identified issues. Broader work or accountabilities may be assigned as needed. Liaise with key business stakeholders and IT teams to support the completion of the third party risk management processes and due diligence.    Knowledge/Skills/Competencies:  Experience and understanding of third-party risk management, process mapping, bottleneck identification and associated control remediation.  Knowledge and experience working with third party management frameworks. Knowledge and insight of regulatory requirements and expectation on third party risk management. Knowledge of team budget and tracking mechanisms  Knowledge of Celestica’s technology, business and IT strategies.  Knowledge of IT analysis, design and development.  Knowledge of IT Security controls and frameworks  Proficient in Data Management and Analytics  Proficient in Business Partnering  Proficient in IT Risk Management   Ability to work in a team environment  Change Management and project management skills  Excellent resource management and prioritization skills.  Excellent analytical and problem solving skills  Excellent verbal and written communication skills  Knowledge of IT audit procedures and techniques Technical proficiency gained through education and/or business experience Collaboration & team skills - In-depth

Celestica Logo

Senior Specialist, IT Solutions

Celestica

Chennai, Tamil Nadu, India

Posted: a year ago

Summary: The Senior Specialist, IT Solutions provides business, process and technical expertise to teams that are responsible for assessing, designing, delivering and supporting IT solutions to clients and customers. The Senior Specialist, IT Solutions will also have the experience and responsibility to ensure that solution team members that are external to IT or even Celestica will also provide quality input and deliverables in a way that meets Celestica's overall goals and requirements, and will need to manage relationships and negotiate and resolve conflict when necessary. The Senior Specialist, IT Solutions will have the knowledge and experience to establish goals and strategies in areas of speciality.   Detailed Description: Performs tasks such as, but not limited to, the following: Support and communicate with stakeholders including IT/Business Partners as well as external/internal communities for opportunities and or alignment of solution strategy Support in providing solution architecture as well as guidance in the selected area of responsibility (e.g. Shopfloor, IT, SCM, Ops, etc.) Provide guidance in IT Process (e.g. Operating Model, Governance, System Development Life Cycle) Provide direction and/or guidance in relevant technologies and concepts (e.g. Azure, Cloud Tech, .NET, SAP/ABAP, etc.) Perform technical execution of solutions including requirements gathering, blueprinting, development and deployment.   Knowledge/Skills/Competencies: Design, develop composite workbooks in RR Author workbooks with commands, schedule tasks, automation chains Authoring or enhancing scorecards, dashboards. Exposure to Control set configurations, Planning Calendars, PDR customizations Enhancing existing workbooks as per business needs and performing associated regression testing Knowledge of scripting, Forms and webservices is an added advantage RR Data Governance and Data model  Kinaxis Rapid Response certifications is an added advantage. Kinaxis Author Level2 or Level3 is good to have Create/Draft functional specification, Technical specification documents, Testing scenarios associated to it Good knowledge on Supply chain planning concepts, Forecasting, Inventory management, MRP,Production Scheduling etc Strong knowledge & experience in Agile and Waterfall development/project methodologies Perform technical execution of solutions including requirements gathering, blueprinting, development and deployment Strong knowledge & experience in IT process (.e.g operating model, governance, IT delivery lifecycle) Strong knowledge & experience in select business processes (e.g. Shopfloor, IT, SCM, Ops, etc.) Ability to make or guide decisions, and drive team actions in accordance with strategy Good problem solving & analytic skillset, with an ability to innovate Strong relationship management and negotiations skills

Celestica Logo

Specialist, IT Infrastructure - Zscaler Support

Celestica

Chennai, Tamil Nadu, India

Posted: a year ago

Summary:  The Specialist, IT Infrastructure - Zscaler Support will install, maintain, upgrade, and continuously improve the site's operating environment, ensuring the ongoing reliability, performance and security of the infrastructure. This includes monitoring and up keeping the operating environments; responding to incidents & problems, planning for growth, deployment of new technologies as well as design, install, configure, maintain and perform testing of PC/server operating systems, networks, and related utilities and hardware. Other responsibilities include troubleshooting problems as reported by users, supporting Web access and network.   Detailed Description:  Performs tasks such as, but not limited to, the following: Provide technical support and perform maintenance Perform service monitoring and reporting, with a focus on risk management and compliance Explore new solutions, enhancements and opportunities for continuous improvement, projects and more Perform the acquisition, provisioning and decommissioning of related equipment, software and services Lead projects and change management initiatives Manage external service providers Knowledge/Skills/Competencies:  3 - 5 years of Zscaler experience. Strong customer service orientation Strong analytical, troubleshooting and problem solving skills. Good communication (both oral and written), documentation and presentation skills. Good leadership and teamwork skills.  Negotiation and conflict resolution skills. Good ability to plan projects and tasks.    Good understanding of IT requirements for an end to end solution, including security, business continuity, disaster recovery, risk analysis and prepare business case In-depth knowledge of the Windows OS (server and client) and the desktop operating environment. Linux and other mainstream OS knowledge will be helpful. Fundamental knowledge of networking concepts Advanced knowledge of infrastructure service management & diagnostic tools and processes Advanced knowledge of end-point security management tools and processes Understanding of IT Infrastructure asset lifecycle management

Celestica Logo

Specialist, IT Infrastructure - Backup Steady State Support

Celestica

Chennai, Tamil Nadu, India

Posted: a year ago

Summary:  The Specialist, IT Infrastructure - Backup Steady State Support will install, maintain, upgrade, and continuously improve the site's operating environment, ensuring the ongoing reliability, performance and security of the infrastructure. This includes monitoring and up keeping the operating environments; responding to incidents & problems, planning for growth, deployment of new technologies as well as design, install, configure, maintain and perform testing of PC/server operating systems, networks, and related utilities and hardware. Other responsibilities include troubleshooting problems as reported by users, supporting Web access and telephony services, and the acquisition, replacement and decommissioning of related equipment, software and services.   Detailed Description:  Performs tasks such as, but not limited to, the following: Provide technical support and perform maintenance Perform service monitoring and reporting, with a focus on risk management and compliance Explore new solutions, enhancements and opportunities for continuous improvement, projects and more Perform the acquisition, provisioning and decommissioning of related equipment, software and services Lead projects and change management initiatives Manage external service providers   Knowledge/Skills/Competencies:  Strong customer service orientation Strong analytical, troubleshooting and problem solving skills. Good communication (both oral and written), documentation and presentation skills. Good leadership and teamwork skills.  Negotiation and conflict resolution skills. Good ability to plan projects and tasks.    Good understanding of IT requirements for an end to end solution, including security, business continuity, disaster recovery, risk analysis and prepare business case In-depth knowledge of the Windows OS (server and client) and the desktop operating environment. Linux and other mainstream OS knowledge will be helpful. Fundamental knowledge of networking concepts Advanced knowledge of infrastructure service management & diagnostic tools and processes Advanced knowledge of end-point security management tools and processes Understanding of IT Infrastructure asset lifecycle management

Celestica Logo

Specialist, Information Security

Celestica

Chennai, Tamil Nadu, India

Posted: a year ago

Summary The Specialist, Information Security will participate in PoC/Pilots for new security technologies and/or capabilities. They will be responsible for the assessment of new security solution partners as well as assist with defining company security policies and standards. The incumbent will need to understand business and network risks and be able to provide appropriate recommendations to address / resolve them. The Specialist, Information Security will participate in PoC/Pilots for new security technologies and/or capabilities. They will be responsible for the assessment of new security solution partners as well as assist with defining company security policies and standards. The incumbent will need to understand business and network risks and be able to provide appropriate recommendations to address / resolve them. Detailed Description Performs tasks such as, but not limited to, the following: Be able to administratively configure and manage key security solutions Manage an enterprise-sized solution base of more than 15,000 endpoints Provide 3rd level security solution support ensuring specified service levels are met Able to make low level risk assessments of requested changes - making sound decisions before modifying system parameters. Able to quickly attain an understanding of the functionality and technology of operating systems as well as an understanding of business critical applications and their potential major issues. Able to quickly attain an understanding of the functionality and technology of operating systems as well as an understanding of business critical applications and their potential major issues. Able to provide input to and work with the larger security team members to develop and refine additional monitoring content and use cases. Keep and relay detail status reports of weekly activity. Exercise basic forensic skills related to providing only relevant data when and for what is being requested Provide general security advice/consultation to application/platform owners and convey complex technical details in a short and easy to understand manner Upgrade / install application or operating system software and hardware. Knowledge/Skills/Competencies Proficient in Information Security Proficient in Risk Mitigation and Business Controls Proficient in Data Management and Analytics Intermediate level of understanding in Project Management as well as Change Management Intermediate level of understanding in Architecture and Solution Integration Proficient in Business Partnering Proficient in IT Penetration Testing, IT Vulnerability assessments, IT Incident Response Management and IT Security Architecture Proficient knowledge of information security standards and regulations Knowledge of software design process and data modeling Knowledge of computer operations/applications support in client/server environment Knowledge of IT requirements for an end to end solution, including security, business continuity and disaster recovery Knowledge of team budget and tracking mechanisms Knowledge of Celestica’s technology, business and IT strategies Knowledge of IT delivery/operations, analysis, design and development Skills and Experience in installing and managing complex security solutions Skills and Experience in at least two Platforms Ability to predict, detect and respond to potential malicious factors Great operating systems knowledge (both Microsoft and *NIX) Knowledge of MySQL, SQL or Oracle DBs are an advantage Excellent resource management and prioritization skills Strong leadership skills and ability to work in a team environment Excellent verbal and written communication skills and ability to provide functional or technical project advice to individuals outside the immediate work unit/team