Community

Home >

Jobs >

Senior Business Control Officer

Delhi, India (Remote)

Senior Business Control Officer

1 Month ago • 15 Years + • Cyber Security

About the job

2 skills required for this role

Test your skills to join the top 1% applicants for this job

excel

risk-management

Job Description

The Senior Business Control Officer for Information Security will play a crucial role in ensuring the robust security and control of Client's IT infrastructure. Responsibilities include implementing the organization's priorities, working with the Chief Information Security Office and Technology Governance Team to establish a strong risk management framework, determining risk appetite, monitoring the IT and IS risk profile, and reporting. This role requires extensive experience in IT and security, a deep understanding of risk management principles, and familiarity with relevant standards and methodologies (e.g., ISO/IEC 27000). The position is pivotal in supporting Client's transformation and ensuring the security of its systems.

Must have:

15+ years in enterprise IT
5+ years in security (technical & organizational)
Knowledge of ISO/IEC 27000, COBIT5
Operational risk management experience
Advanced MS Office skills
Excellent English communication

Good to have:

CISSP, CISA, ISO 27001 Lead Auditor
Six Sigma
Financial industry experience

Project description

The Control Office, part of the COO division, is responsible for:
- Monitor the implementation of the non-financial risk management framework
- To design and review effective and adequate frameworks of internal control mechanisms in cooperation with the Client infrastructure/business functions, with a particular focus on so-called 'lessons learned' and 'health checks'
- To support risk managers in implementing and improving the framework of internal control mechanisms
- To establish a review process of the operational risk profile
- To monitor and report control indicators
- Improve behavioral standards through increased awareness (in collaboration with HR and Compliance)

Following the split and IPO in 2018, Client has begun to become independent from his previous organization, but significant dependencies remain, particularly in the areas of IT infrastructure, applications and information security (IS). In 2024, a transformation program is launched to ensure that Client's IT infrastructure is separated, thus ending this dependency.
After completion of this initiative, Client will have sole responsibility for its entire IT environment and, as one of the world's leading asset managers, must therefore have adequate management and control mechanisms in place. To support the organization in this, new job profiles are currently being created in the Control Office.
The newly created job profile of the 'Senior Business Control Officer for Information Security' will report to the Head of the Control Office team for COO and work closely with the Chief Information Security Office, the Technology Governance Team, those responsible for applications and IT infrastructure, and the function responsible for information security in the 'Second Line of Defense'.

Responsibilities

Ensuring the implementation of the priorities of the organization and the Control Office such as findings management, post-incident reviews, risk & control assessments, scenario analyses, monitoring of risk appetite, risk metrics, and transformation activities regarding IT and IS risk management

Working with the Chief Information Security Office and the Technology Governance Team to create a context-specific framework and governance processes that enable IS and IT risks to be identified, managed, and reported on, including appropriate dashboards and metrics for the future multitude of IT service providers

Support in determining, reviewing, and adjusting the organization's risk appetite with regard to IS; monitoring the IT and IS risk profile with regard to risk appetite and corresponding reporting

Skills

Must have

Experience 15+ years in information technology at an enterprise level

Experience 5+ years in security (technical and organizational aspects), ideally in combination with experience in the financial industry, management consulting, auditing, or a technology company

Solid knowledge of relevant industry-specific and regulatory investigation methodologies and/or standards (e.g. ISO/IEC 27000 Series, COBIT5) required

University degree (computer science, business administration, natural sciences, or comparable); focus on information technology and information security preferred

Knowledge of the principles of operational risk management and experience in risk management

Advanced knowledge of MS PowerPoint, Excel and Word

Very good knowledge of English (spoken and written)

Nice to have

Additional certifications that would be advantageous include CISSP, CISA, ISO 27001 Lead Auditor, Six Sigma, or similar qualifications.

Other

Languages

English: C2 Proficient

Seniority

Lead

View Full Job Description

Upload your resume, increase your shortlisting chances by 80%

About The Company

Luxoft

1115 Active Jobs

Luxoft, a DXC Technology Company (NYSE: DXC), is a digital strategy and software engineering firm providing bespoke technology solutions that drive business change for customers the world over. Acquired by U.S. company DXC Technology in 2019, Luxoft is a global operation in 44 cities and 21 countries with an international, agile workforce of nearly 18,000 people. It combines a unique blend of engineering excellence and deep industry expertise, helping over 425 global clients innovate in the areas of automotive, financial services, travel and hospitality, healthcare, life sciences, media and telecommunications.

DXC Technology is a leading Fortune 500 IT services company which helps global companies run their mission critical systems. Together, DXC and Luxoft offer a differentiated customer-value proposition for digital transformation by combining Luxoft’s front-end digital capabilities with DXC’s expertise in IT modernization and integration. Follow our profile for regular updates and insights into technology and business needs.