Information Security Risk Analyst

Summary: Information Security risk analyst will be a member of the Information Security team and will work to improve and sustain a secure way of working with NXP’s third parties. Third parties could be suppliers, as well as customers and partners. They get or deliver services or products from or to NXP and thereby have access to NXP confidential data and information. NXP wants to protect its data and information from leaking and has a responsibility to carry out a third-party risk analysis. Within the Information Security team this analysis focuses on a Information Security risk analysis.

Job responsibilities:

• Monitoring incoming third-party Information Security risk assessments
• Carrying out third party Information Security risk analyses and identifying appropriate mitigation actions using Information Security controls
• Actively following identified third-party mitigation actions to closure
• Formulating and discussing appropriate Information Security risk related language for our third-party contracts
• Monitoring and following up on Information Security incidents with our third parties
• Improving the execution of the third-party Information Security risk management process through innovation, automation and optimization
• Developing and maintaining standard operating procedures

Job qualification:

• Bachelors in CSE/ECE with 3+ years of experience in Information Security domain.
• Strong expertise in risk analysis and Information Security controls
• Good familiarity with ISO27001, SIG, SOC2-type2 and NIST CSF standards
• Strong verbal and written communication skills, with English as the main language
• Self-starter with the ability to work with a great degree of autonomy
• Willingness to work with flexible working hours
• Relevant knowledge of semiconductor process technology production processes and generic IT processes is an advantage

More information about NXP in India...