Data Security & Protection Analyst - Digital IT

About the role

The Company Egon Zehnder ( www.egonzehnder.com) is trusted advisor to many of the world's most respected organizations and a leading Executive Search firm, with more than 600+ consultants and 69 offices in 41countries spanning Europe, the Americas, Asia Pacific, the Middle East and Africa. Our clients range from the largest corporations to emerging growth companies, government and regulatory bodies, and major educational and cultural institutions. The firm is a private partnership which allows us to operate independent of any outside interests. As a result of this unique culture, Egon Zehnder has the highest professional staff retention rate for a global firm in our profession. We have a blue chip client base across all industries and operate at the Board and senior management level.. Knowledge Centre India (KCI) Established in January 2005, KCI in Gurgaon, works in close collaboration with the Global offices of Egon Zehnder. There are 5 teams that make up KCI: Research, Research Operations, Visual Solutions, Projects/CV Capture and Digital IT. Who we are! We are part of Digital-IT team established 17 years ago in Gurgaon, India to provide technology support and rollout digital initiatives to 60 plus global offices. Digital IT has six key pillars - Collaboration Technology; Functional Technology; Digital Technology; Security & Architecture; Infrastructure & Services, Digital Success to support business and to take lead on digital transformation initiatives with the total strength of 150+ team members across the globe The Position This is a critical role at the cusp of cyber security and data privacy. This individual will have a direct line of reporting to the Director as well as a dotted line of reporting to the Egon Zehnder's Legal Counsel. Key Result Areas What will you do? Provide response to Data Security and Protection Requests for client proposals (RFP), audit questionnaires and other documents to Egon Zehnder clients from an IT and data privacy perspective as received from business or legal team Work closely with various IT functions and Legal team to ensure that technical knowledge is maintained, and that RFP and other client response can be accurately and timely answered Assess gaps in policies, processes and cybersecurity technology while reviewing and responding to the above RFPs and come up with proposals and suggestions for their mitigation or risk reduction Stay updated and informed of the various Data privacy laws e.g. GDPR, CCPA and similar as mandated by various countries and assess them to identify and propose additional controls and policies for our local offices to remain compliant with the law of the land around IT and Cyber security. Collaborate cross-functionally with roles such as IT infrastructure, Digital/application development, and Legal to identify and highlight gaps and risks with existing applications and technologies around Cybersecurity and Data Protection laws. Be responsible for the adoption and implementation of standard frameworks e.g. NIST. Adopt new controls and align cybersecurity policies as per well-known standards e.g. ISO 27001 for reduced scrutiny and quick closures of RFPs. Actively participate in driving Risk management function around information and cyber security, maintenance of risk register, and work towards improving the risk maturity level of the firm. Assess risk imposed by technical solutions and advise business of security standards, best practice and solutions to address data security and protection risk. Actively participate in running internal data security and protection audits, which includes assessment and gap analysis of current IT security policies, processes, systems and controls. Be responsible for driving cyber and information security awareness and training campaigns globally for Egon Zehnder offices. Experience and key Competencies Experience in RFI and RFP response in the area of Cyber Security Solutions including infrastructure security, security monitoring /analytics / incident-response, risk & compliance management, identity & access management and data security solutions 3- 5 years of Information Security, vendor risk management and/or other risk management experience preferably in banking or financial services industry Experience and affinity with data privacy laws namely GDPR Familiar with regulatory and industry standards such as NIST, ISO 27001 etc. and SOC1/SOC2 audit reports Ability to answer complex risk assessments and questionnaires across all domains of IT Security Understanding of enterprise security systems (e.g., Firewalls, VPN, SEIM), security threats and related risks, data loss prevention, malware protection etc. Ability to adapt to a fast-moving IT landscape and keep pace with the latest thinking and new security technologies Capability to understand, analyze, and interpret legal, contractual language, and summarize findings in concise, articulate manner Ability to be discrete and maintain confidentiality with respec

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Egon Zehnder? Share your experience