HCL Technologies || Information Security ||

HCL Technologies || Information Security ||

HCL Technologies || Information Security ||

Hcl Technologies Limited

7 - 9 years


Job description

Job Description:


  • Contribute to the organization wide information security standards and certification programs such as SSAE/ ISAE SOC1, SOC2, ISO 27001, PCI DSS, HIPAA and ISO 20000 etc.
  • Demonstrate knowledge of auditing processes/procedures and conduct periodic risk based internal audits and assessments across organization wide functions and IT systems, to highlight the potential risk exposures/ vulnerabilities and perform risk analysis.
  • Performs audit planning, co-ordinations and statistical sampling to accomplish audit procedures.
  • Performs periodic internal audits (testing and walkthrough procedures) of various functions to determine company compliance on the various information security standards and certifications such as SSAE/ ISAE SOC1, SOC2, ISO 27001, PCI DSS, HIPAA and ISO 20000 etc.
  • Recommends revisions to audit procedures to enhance efficiencies. Reviews internal controls throughout the company by evaluating the adequacy of system controls and recommends improvements.
  • Should be able to demonstrate knowledge of IT Security aspects towards key areas like Cyber Risks, SIEM, Network Security, Data Centre operations, End user device management, application support infrastructure, IT general controls (ITGC), and frameworks like COBIT and COSO.
  • Provide advice and take action, where necessary, in response to audit findings and recommendations with respect of information security.
  • Provide advice to the organisation on information risk management. Develop and deploy methodologies for risk assessment and prioritization, risk responses, and risk management capability assessments.
  • Continuously assess the shortfall between both actual security measures in place and being effective and those established at a policy level thus highlighting deficiencies for remedial action.
  • Suggest changes to relevant information security policies, procedures for improvement, ensuring that these are compliant with HCL/Customer Information Security policies and other legislation and regulations related to information security
  • Develop and implement information security awareness and training programme
  • Report regularly to the CISO office on the effectiveness of information security through established metrics
  • Maintain concurrency with security and security enhancing technologies and share knowledge with colleagues as needed to enable measures to be implemented where and when necessary/desirable.
  • Excellent written and oral communication skills e.g. presentation to top management and audit report writing.
  • Ability to work well within a team environment and participate in department projects.
  • Undertake any other duties commensurate with the grading of the post.



Industry TypeIT-Software, Software Services

Functional AreaOther

Employment TypeFull Time, Permanent

Role CategoryOther


About Company

HCL Technologies Limited

Company Info

Contact PersonDarshika Vishwakarma