Colorado Technology Jobs

Colorado Jobs

Job Information

Cognizant Technology Solutions Senior Manager, Information Risk Management (100% Remote) - in Englewood, Colorado

The scope of this position focuses on the Cybersecurity Oversight andGovernance for Cognizant Life Sciences. Cognizant requires an IRM Sr. Managerto execute the security governance risk and compliance program for the LifeSciences business unit.The IRM Sr. Manager will provide operational support asan individual contributor within the Corporate Security organization.Additional activities include supporting strategic and technicalinitiatives, performing Operational Risk Assessments, managing RiskAcceptance activities, developing annual risk posture and remediationrecommendation report, and completion verification reviews of securityprojects and initiatives. Candidates will have a proven ability to infuseinnovation and creativity into tactical activity with a focus on exceptionalcustomer service.Key Responsibilities include:Contribute to, and improve, the operations of Security Risk Management fora the Life Sciences business unit by identifying and managing the treatment ofrisks to Cognizant and client informationContribute towards the execution of policies, standards and proceduresspecific set by enterprise standards and account specific standards as theyapply to security governance, risk, and compliance requirementsPerform security risk assessment activities, including third partyevaluation and management, and related analysis, including ongoingcompliance monitoring in coordination with governance lead and external teammePlan and support the execution of risk mitigation actions established as a theresult of risk assessments and related analysisContribute to the production and improvement of the content, quality, andtiming of security governance, risk and compliance analysis and reportingMonitor and evaluate security measures to protect against reasonablyanticipated threats or hazards to the privacy, security or integrity ofprotected information (PHI, PII, PI, IP)Develop project plans, estimations, specifications, flowcharts, andpresentationsPerform tasks as set forth by the information Risk Management LeadContribute to regular project reviews and accurately communicates the statusof projects in both formal and informal settings throughout project lifecycle.Contribute towards the execution of activities including the identification ofcompliance gaps, the development of remediation plans, documentation,monitoring compliance status, and ultimately provide attestation of complianceContribute towards the execution of security compliance reviews of masterservice agreements and advise business team regarding gaps and correspondingmitigation requirementsMeet with clients to review contracts, provide security overview forassurance, manage incidents updates, and support business opportunitiesContribute to the design and implementation of technical security safeguardarchitectureWorks with infrastructure teams to execute the vulnerability managementprogramWorks closely with infrastructure and application owners to validate securecoding best-practicesValidate, support, and improve the Application Security program, thestatic and dynamic scanning infrastructure, and execute governance assessmentsSupport the assurance that developers have the required infrastructure,security tools, and training to ensure secure code developmentWill identify the source of a security breach quickly and move towardcontainment is essential and be able to manage multiple projects on a dailybasisWill operate in a close team of computer digital forensic, fraud, andother IT investigative expertsBuild rapport, credibility, and cohesion across all business unit teamsand IT teams in the course of managing the projectsDocument and track all incidents to meet audit, compliance, and legalrequirementsConduct root cause analysis to identify gaps and recommendations ultimatelyremediating risks to the firmPeriodically reports progress to management, and assesses and measuresresults related to Information Security activitiesOther duties as assignedEqual OpportunityEmployer-mino

DirectEmployers