Information Security Risk and Compliance Analyst
India - Hyderabad
Amgen
Amgen is committed to unlocking the potential of biology for patients suffering from serious illnesses by discovering, developing, manufacturing and delivering innovative human therapeutics.Career Category
Information SystemsJob Description
Join Amgen’s Mission of Serving Patients
At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do.
Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives.
Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career.
What you will do
Let’s do this. Let’s change the world. In this vital role you will involve working closely with various departments to ensure that risk controls are in place, policies are adhered to, and security standards are met. The IT Risk Analyst will assist in developing and maintaining risk management frameworks, performing assessments, and supporting regulatory compliance efforts.
Roles & Responsibilities:
Risk Identification and Assessment:
Conduct risk assessments to identify vulnerabilities in IT systems, processes, and policies.
Assist in the identification and evaluation of risks associated with third-party vendors and partners.
Maintain the IT risk register, documenting risks, issues, and remediation actions.
Risk Mitigation and Monitoring:
Recommend risk mitigation strategies and implement risk management controls across IT infrastructure.
Collaborate with IT, cybersecurity, and business teams to supervise and resolve identified risks and vulnerabilities.
Supervise and report on the efficiency of existing IT risk controls and recommend improvements as needed.
Compliance and Regulatory Support:
Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, SOX, PCI-DSS, NIST).
Assist in the preparation for audits by internal and external parties, providing documentation and evidence of IT risk management practices.
Support the development and implementation of IT governance, risk, and compliance frameworks.
Vendor Risk Management:
Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies.
Regularly review vendor performance and risk exposure, working with procurement and legal teams as vital.
What we expect of you
We are all different, yet we all use our outstanding contributions to serve patients.
Basic Qualifications:
Master’s degree and 1 to 3 years of information technology, Cybersecurity, Risk Management, or a related field experience OR
Bachelor’s degree and 3 to 5 years of information technology, Cybersecurity, Risk Management, or a related field experience OR
Diploma and 7 to 9 years of information technology, Cybersecurity, Risk Management, or a related field experience
Preferred Qualifications:
Strong understanding of IT infrastructure, systems, and security best practices.
Ability to assess technical and business risk related to information systems.
Excellent problem-solving, analytical, and communication skills.
Ability to communicate complex risk concepts to non-technical stakeholders.
Familiarity with regulatory frameworks and compliance standards (e.g., GDPR, HIPAA, SOX, PCI-DSS).
Technical Knowledge:
Proficiency with risk management tools, GRC (Governance, Risk, and Compliance) software, and security incident management tools.
Experience with security controls related to networks, databases, and cloud environments.
What you can expect of us
As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way.
In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards.
Certifications:
CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional) are highly desirable.
Apply now
for a career that defies imagination
Objects in your future are closer than they appear. Join us.
careers.amgen.com
.* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISA CISSP Cloud Compliance CRISC GDPR Governance HIPAA IT infrastructure Monitoring NIST Risk assessment Risk management SOX Vulnerabilities
Perks/benefits: Career development Competitive pay
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.