ZS is a place where passion changes lives. As a management consulting and technology firm focused on transforming global healthcare and beyond, our most valuable asset is our people. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop products that create value and deliver company results across critical areas of their business including portfolio strategy, customer insights, research and development, operational and technology transformation, marketing strategy and many more. Bring your curiosity for learning; bold ideas; courage and passion to drive life changing, impact to ZS.
Our most valuable asset is our people.
At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems-the ones that comprise us as individuals, shape who we are and
make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about.
ZS IT Support teams are aligned with the company's business strategy and operating model and aims to provide its 10000 plus employees and their clients the right tools and information for high performance. The IT organization focuses on providing products and services to ZS to ensure successful business outcomes. This involves providing a scalable, sustainable and reliable IT infrastructure, customized applications, messaging and collaboration products, Business Intelligence and Database administration support along with a reliable 24*7 uninterrupted high-quality technology support services.
Specialist -Compliance and Audit
We are currently seeking applicants for the position of Specialist - Risk Management and Audit to join our India IT Governance, Risk and Compliance team. The position will support various management directed, IT risk governance initiatives which include following job requirements:
Ensure risk and control activities are completed in a timely and appropriate manner
Act as SME supporting functional managers in understanding and applying responsibilities towards risk and compliance providing recommendations as appropriate
Lead any Security Framework Implementation (Like ISO 27001, NIST, etc.)
Provide first line of defense support in assessing risk and reviewing control issues
Documentation of control procedures, standards and guidelines, etc.
Report control issues and follow up on non-compliances with Functional leadership to mitigate and close the issues
Co-ordinate and Track the tickets / findings in areas below to closure
IT Operational Risks and Information Security Risks
Control Self assessments
Internal/External Audit findings with appropriate CAPA
BCP / Disaster recovery
Problem tickets with root cause analysis
Audit event co-ordination, Audit liaison and issue closure oversight (SOC 2 Type 2, ISO 27001, etc.)
Lead pre-audit preparation activities with stakeholders (SOC 2 Type 2, ISO 27001, etc.)
Control conformance monitoring
Identification and application of required governance for risk and control issues using appropriate toolsets
Generate regular reports for Senior Management
Ensure that Risk and Compliance activities associated are regularly reviewed to drive continuous improvement: providing Subject advice, making recommendations and interventions as appropriate
Responsibilities:
Asist in prioritizing and planning risk management activities
Working with Risk Lead to review, prioritize and assign identified control gaps
Support Risk Owners and Tech teams in documenting control procedures, guidelines, etc.
Audit / Regulator engagement & issue management (SOC 2 Type 2, ISO 27001, etc.)
Technology Infrastructure Specific Risk/Compliance Metrics reporting
Control Execution / Control remediation oversight and escalation
Risk acceptance / Deviation review
Ensure risk and control activities are completed in a timely and appropriate manner applying the correct governance route
Act as SME supporting functional units in understanding and applying responsibilities towards risk and compliance providing recommendations as appropriate.
Retain oversight of all active governance activity across all relevant key risks under Technology Infrastructure Operations. Create / review/ continuous update of the risk library
Report and publish control issues and active non-compliances to senior leadership inclusive of providing content for Senior Leadership risk and control review forums/Committees.
Ensure all governance attestations and sign-off from Senior leadership are completed including the conduct risk measures
Champion and lead a culture of customer service and continuous improvement ensuring that opportunities for process and service Improvements Monitor performance and identify areas for improvement Actively look for ways of smoothing peaks and troughs and reducing time scales.
Qualifications:
Atleast 8-10 Years of experience in Information Security Area
Good Risk / Control / Compliance and Information Security skills
Knowledge and Experience of Technology Infrastructure. Understanding of Infrastructure Security
Working knowledge of group risk frameworks, policies and standards
Stakeholder management
Advanced Communication skills (Speaking/ Writing/Listening)
CISSP / CISM / CISA/ CRISC certification preferred
Proficient in MS Office productivity suite (e.g. Word, Excel, PowerPoint, SharePoint). Advanced Excel skills strongly preferred
Basic working knowledge of following (Majority of the points, if not all):
COBIT - Control Objectives for Information and Related Technology
ISO/IEC 27001:2013 - Code of Practice for Information Security Management
NIST SP 800-53
NIST CSF
SOC1/SOC2/SOC3
HIPAA/HITECH Security and Privacy Audit Protocol
Shared Assessments Standard Information Gathering (SIG) framework
US SOx - Sarbanes Oxley Act
US HIPAA/HITECH Act
EU GDPR - General Data Protection Regulation
US EU Privacy Shield
India Companies Act
Perks & Benefits:
ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member.
We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.
Considering applying?
At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact in global healthcare and beyond. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above.
ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law.
To Complete Your Application:
Candidates must possess work authorization for their intended country of employment. An on-line application, including a full set of transcripts (official or unofficial), is required to be considered.
NO AGENCY CALLS, PLEASE.
Find Out More At:
www.zs.com
ZS Pune, Maharashtra, IND Office
ZS Pune (International Tech Park) Office
International Tech Park, Panchshil Towers Tower-C, ITPP, Vitthal Nagar, Kharadi, Pune, Maharashtra, India, 412207
ZS Pune, Maharashtra, IND Office
ZS Pune (World Trade Center) Office
ZS moved to its state-of-the-art World Trade Center office in 2016. Pune is a leading hub for tech talent in India.