Career Level: Level 10, 11, 12 & 13Required Relevant skill Experience:For CL 12 - 0 to 2 yearsFor CL 11 - 2 to 4 yearsFor CL 10 - 4 to 6 yearsLocation: Bengaluru, Chennai, Delhi\NCR, Hyderabad, Mumbai, PuneEntity: ATCI – Local Security SupportSkill Keywords: CISA, Security+, Risk Management, Cybersecurity, Governance Risks & Compliance, ISMS, SSAE18 SOC1& SOC2, ISO27001, Internal Audit, Information Security AuditScope:Information security for the Advanced Technology Centers India (ATCi)Job Responsibilities:Project information security (IS) assessments are our bread and butter. As an IS professional, your first step into the big bad world of risk assessments will involve conducting IS assessments for projects across India centers. You will check if the project meets the Accenture standard and client’s security requirements.The risks that you identify are super important to keep Accenture and our client’s data safe, it will ensure that Accenture is compliant with what was agreed in the client contracts.We are super proud of the fact that Accenture is the biggest company of its size that is globally ISO27001 certified (the Academy awards equivalent for IS standards) and our team is responsible for maintaining this hallowed certificate. 3rd party auditors descend on us every year to make sure that we are still worthy of the certificate, so we’ve got to be on our toes always and keep everything shipshape. As part of this you will be carrying out a bunch of activities such asMaking sure (via assessments) that the nice folks at support functions such as Workplace, HR, IT, Finance, Legal, Procurement etc. are compliant with ISO27001 security requirements.Risk assessments to report any risks that can mess up Accenture business goals and then monitoring these risks to make sure that they’re fixed.Think out-of-the-box box and innovate to get all of our Accenture folk in India as IS literate as possible. In the past we’ve done super fun stuff such as plays, live sessions, infosec gyan during new joiner orientation sessions, etc – the sky is the limit!We also need to stay compliant to certain other regulatory requirements and those have their scheduled assessments and activities too. Remember point 1? where we spoke about checking if the project teams are doing the right stuff? Well, quite often our clients decide to pay a visit to audit if everything is in order here or decide if they want to give us more business. This is the high adrenalin stuff where our team represents Accenture information security and supports the project folks face the client auditors.Must Have Skills: Risk Management, Governance Risks & ComplianceYou need to have a genuine interest in the information security domain and have the spunk and drive to make a positive difference in the organization – on ground. We work as a team and therefore you need to be collaborative well and a good team player. No room here for a lone wolf. Keep in mind that our role involves interfacing with multiple business stakeholders therefore you need to be able to speak to new people all the time. Goes without saying that good communication skills both written and spoken are quintessential for doing well at this job. Information security is one of the fastest changing domains, so you should have the ability to learn, adapt and evolve quickly to stay relevant in this field and the learning never really ends. We expect you to have at least a working hands-on knowledge of MS office suite tools like Word/Excel/Power-point – rest of the tools you learn on-the-job. If you have a background in project management or technical IT skills such as networking, telecom, security tools etc. you will be at an advantage. Though currently we are working remotely, flexibility to travel both within your designated city as well as inter-city is important for you to be able to conduct assessments and other IS activities on ground. Last but not the least, a curious bent of mind and hunger / passion to learn is a great attribute we need from our IS soldiers. As they say, half knowledge is always dangerous, so we always welcome folks who don’t stop learning. Ability to educate a non-technical audience about various security measures Attention to detail and time prioritizationGood to Have SkillsProfessional information security certification/sISO27001, Security+, CISA etc. and knowledge of SSAE18Experience in auditing ISO27001 and the SSAE18 SOC1& SOC2 controls Be up to date on the latest security trendsEqual Employment Opportunity StatementAll employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.Accenture is committed to providing veteran employment opportunities to our service men and women.
