Country:
India
Location:
Ecospace Campus 3A, 4th Floor, Outer Ring Road, Bellandur, Bengaluru 560103
Position Title: Lead Risk Analyst Cyber Security
Location: Bangalore/Hyderabad
About the Role: To lead the identification, assessment, management and governance of IT risks across Carrier's enterprise environment. This role is critical to ensuring the resilience of IT services and the integrity of Carrier's information assets by embedding a robust IT risk management framework aligned with global standards and Carrier's strategic goals. The IT Risk Lead acts as the strategic owner of risk governance while working closely with IT Risk Analysts, who are responsible for the day-to-day operationalization of controls, assessments and reporting.
Key Responsibilities:
1. IT Risk Governance & Framework Management
- Design, implement and maintain the IT Risk Management Framework aligned with the Carrier-based Digital Risk Framework, which is derived from NIST CSF and ISO 27001.
- Define IT risk taxonomy, thresholds and escalation protocols for consistent enterprise-wide adoption.
- Serve as the primary liaison for IT risk matters across Carrier's global business units, infrastructure and application teams.
- Serve as the primary record creator for risks in the ServiceNow GRC application.
- Key person contributing to the design and implementation of the Risk 2.0 framework in SNOW, which covers Risk issues and exception handling.
2. Risk Identification, Assessment & Prioritization
- Conduct and oversee IT risk assessments (inherent and residual) across critical applications, infrastructure and projects.
- Guide IT Risk Analysts in executing risk analysis, evidence collection and scoring processes.
- Facilitate scenario-based and targeted risk assessments for high-impact areas, including cloud migrations, system upgrades and M&A.
- Maintain and update risk registers, scoring models and risk heatmaps using GRC tools (ServiceNow IRM).
3. Control Management & Monitoring
- Define and implement key risk indicators (KRIs) and key control indicators (KCIs) for ongoing risk monitoring.
- Supervise IT Risk Analysts in evaluating control effectiveness and documenting evidence.
- Develop action plans for control deficiencies, monitor remediation and report control maturity metrics.
4. Exception & Deviation Handling
- Lead the end-to-end management of risk exceptions, waivers and deviations from IT policy.
- Oversee the workflows managed by analysts and ensure that exceptions are reviewed and approved in a timely manner by appropriate stakeholders.
- Automate exception workflows and integrate them with CMDB and audit logs for traceability.
5. Stakeholder Engagement & Risk Reporting
- Prepare and present monthly/quarterly risk dashboards to senior leadership, Risk Council and DCC.
- Conduct regular stakeholder sessions to capture risk concerns, share insights and promote risk ownership.
- Provide risk insights to inform IT strategic decisions, budget allocations and project prioritization.
6. Awareness, Training & Culture Building
- Develop and deliver IT risk training modules to application owners, support teams and project managers.
- Promote a risk-aware culture through playbooks, campaigns and collaborative learning sessions.
- Partner with HR and L&D to integrate IT risk content into employee training journeys.
- Mentor and coach IT Risk Analysts to build operational maturity and grow internal expertise.
Qualifications:
- Bachelor's Degree in Computer Science or related field.
- Minimum 8-10 years in IT risk management, audit or cyber governance.
- Strong knowledge of risk frameworks (NIST, ISO 27001, COBIT), internal controls and security policies.
- Hands-on experience with GRC platforms such as ServiceNow IRM, RSA Archer.
Certifications (Preferred):
- CRISC, CISA, CISSP or ISO 27001 Lead Implementer.
Key Attributes:
- Strategic thinking with tactical .
- Strong interpersonal, influencing and negotiation skills.
- Analytical mindset with the ability to simplify complex risk narratives for business audiences.
- Proven ability to lead cross-functional teams and manage multi-country risk engagements.
Benefits:
We are committed to offering competitive benefits programs for all of our employees and enhancing our programs when necessary.
Have peace of mind and body with our health insurance
Make yourself a priority with flexible schedules and leave policy
Drive forward your career through professional development opportunities
Achieve your personal goals with our Employee Assistance Programme
Our commitment to you:
Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way.
Join us and make a difference.
Carrier is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
Required Experience:
IC