Sr. IT Security Risk & Compliance Analyst

Bangalore, Karnataka, India

Job Description

About Leading-Biotechnology-Company
ANSR, a market leader in enabling organizations to build, manage and scale global teams, is partnering with a renowned biotechnology company that is redefining the future of human health by providing solutions to some of the most complex problems in the healthcare industry. They are committed to making precision medicine accessible and carry out their business operations in an environmentally sustainable way.
Now is your opportunity to join their innovative team in Bengaluru, India. For over 20 years now, companies cutting across size, industry and markets have relied on ANSR's expertise to successfully build global business and technology teams. We can help you land a rewarding career in this dynamic industry.
If you are eager to contribute to a company with strong values and a supportive environment, where you get opportunities to work on challenging projects that use cutting-edge technology to improve millions of lives, this is your chance to join a truly remarkable team. Apply today!

About Illumina:
Illumina is a leading developer, manufacturer, and marketer of life science tools and integrated systems dedicated to making genomics useful for all. Illumina's integrated Indian global hub in Bengaluru, Illumina India Biotechnology Private Limited, is focused on technology activities that will help usher in the next wave of innovation in healthcare and medical research. If you're eager to work on challenging projects that use cutting-edge technology to transform the future of healthcare, this is your chance to join a truly remarkable team.

Position Summary:
The Sr. IT Security Risk & Compliance Analyst will work within the security certifications team to support and mature a strong security certifications program, with an immediate goal of providing operational support in maintaining ISO 27001, C5 and SOC 2 certifications for Illumina's cloud-based analytics products. The role will bring the necessary subject matter expertise in the ISO, C5 and SOC 2 security certifications space and work with the program manager based in the AMR region to meet future business needs. The position requires the ability to operate with remote supervision, with high customer satisfaction, efficiency, and accountability towards the success of the program. This position interacts with all tiers of staff and management and must possess good project management and organizational skills.
Scope of Responsibilities:

  • Applies core knowledge and understanding of area of specialization to provide solutions in creative and effective ways.
  • Assesses unusual circumstances and uses sophisticated analytical and problem-solving techniques to identify cause and suggest variations in approach.
  • Works on assignments of diverse scope where information is limited and problem solving requires adaptation of existing techniques.
  • Enhances internal and external working relationships and networks with senior partners within area of expertise.
  • Adapts style to differing audiences and often advises others on difficult matters that require persuasion.
  • Work is done independently and is reviewed at critical points.
  • Uses evaluation, judgment, and interpretation to select best course of action.
Responsibilities:
  • Responsible for ensuring process owners maintain compliance with the required ISO 27001, C5 and SOC 2 requirements and with additional security frameworks (e.g. NIST, PCI, HIPAA).
  • Management and custodian duties related to the GRC tool (AuditBoard).
  • Documenting evidence that supports compliance with security requirements
  • Coordinates data gathering, logging and upkeep of periodic activities as defined within the security management process.
  • Develops and maintains periodic review of ISMS program-based policies.
  • Advises project teams and internal GIS customers on ISO, C5 and SOC 2 certification scope, and compliance approach.
  • Assist and lead process improvement projects to enhance control strength.
  • Manage quarterly compliance requirements for various security frameworks.
  • Operate independently to manage end to end compliance activities within projects.
  • Develops and maintains metrics to demonstrate security controls health throughout the year.
  • Assist in maintaining ISO, C5 and SOC 2 security risks and open action items, and drive them to closure.
  • Support internal security audits conducted as part of ISO, C5 and SOC 2 programs.
  • Schedule, maintain and facilitate SME walkthroughs during external and internal audits.
  • Work within the GRC audit tool to maintain audit schedules, control strength ratings and SME ownership assignments.
  • Facilitate and maintain non-conformance actions for the ISO, C5 and SOC 2 programs, including root-cause analysis and investigation status.
  • Listed responsibilities are an essential, but not exhaustive, list of the usual duties associated with the position. Changes to individual responsibilities may occur due to business needs.
Requirements:
  • Experience with ISO 27001 and SOC 2 requirements and security regulations within other frameworks, e.g., 21 CFR Part 820/11, ISO 13485, FDA, SOX, HIPAA and C5.
  • Strong organizational skills to maintain and manage activities around ISO, C5 and SOC 2 certification projects.
  • Strong experience with GRC tool configuration and maintenance (e.g. AuditBoard)
  • Experience working within a distributed team in multiple geographical locations.
  • Strong oral and written skills to persuade, direct and advise stakeholders on security compliance processes.
  • Understanding of cloud infrastructure, cybersecurity threats, vulnerabilities and risk management
  • Ability to articulate security & compliance requirements & strategy and provide tailored approach to meet the business needs.
  • Experience and leadership in fast-paced project implementations.
  • Excellent customer service and communication skills.
  • Experience with software development lifecycle activities, methodologies, testing and validation.
  • Experience with common IT infrastructure and applications, e.g., virtualization, directory services, storage, DBMS.
  • Security certifications such as Security+, CEH, CISA, CISM, or equivalent are a plus
  • All listed requirements are deemed essential functions of this position; however, business conditions may require reasonable accommodations for additional tasks and responsibilities.
Experience / Education:
  • Typically requires a minimum of 5 years of related experience with a Bachelor's degree; or 3 years and a Master's degree; or a PhD without experience; or equivalent work experience.


Job Detail

  • Job Id: JD3816377
  • Industry: Not mentioned
  • Total Positions: 1
  • Job Type: Full Time
  • Salary: Not mentioned
  • Employment Status: Permanent
  • Job Location: Bangalore, Karnataka, India
  • Education: Not mentioned
  • Experience: Year