Before you apply to a job, select your language preference from the options available at the top right of this page.
Explore your next opportunity at a Fortune Global 500 organization. Envision innovative possibilities, experience our rewarding culture, and work with talented teams that help you become better every day. We know what it takes to lead UPS into tomorrow—people with a unique combination of skill + passion. If you have the qualities and drive to lead yourself or teams, there are roles ready to cultivate your skills and take you to the next level.
Job Description:
Senior Information Security Analyst – Role Description
Location: Anywhere in India (Remote)
Business Hours: Europe
About UPS
UPS (NYSE: UPS) is one of the world’s largest companies, with 2022 revenue of $100.3 billion, and provides a broad range of integrated logistics solutions for customers in more than 220 countries and territories. We operate one of the largest airlines and one of the largest fleets of alternative fuel vehicles under a global UPS brand. UPS is committed to reducing its impact on the environment and supporting the communities we serve around the world. UPS also takes an unwavering stance in support of diversity, equity, and inclusion.
About Information Security at UPS
Information Security Risk Management has always been and shall continue to remain a top priority for UPS Leadership.
UPS’s InfoSec organization oversees all information security issues for UPS's business operations. The InfoSec organization establishes security policies and standards, makes sure UPS is compliant with security regulations, and maintains security controls designed to prevent accidental, unauthorized, or unlawful access, destruction, disclosure, alteration, or loss of UPS’s information assets and infrastructure.
The UPS InfoSec organization is headed by the Chief Information Security Officer (CISO), who reports directly to the Chief Information and Engineering Officer (CIEO).
UPS Information Security Governance, Risk & Compliance (GRC)
Information Security GRC team is an integral part of the CISO org at UPS and is responsible for the following assurance activities.
Customer Assurance Vendor Assurance Regulatory Assurance Systems Assurance
In addition, the role is also responsible for Information Security Policies, Standards, Awareness and Enterprise Resiliency.
Job Summary
This role will remain part of Europe Information Security Team and have InfoSec responsibilities for Europe & ISMEA regions.
The Senior Information Security Analyst role conducts Security Risk Assessments on Applications / Systems with an aim to determine the effectiveness of security controls, identifies risks and control gaps and provide an independent assurance to the leadership. This position facilitates collaboration with other IT and non-IT functions enabling them to operate in a risk aware environment.
The role shall conduct Information Security Assessments on Vendors who process UPS or UPS Customer Data based on industry standard security frameworks such as SIG, CAIQ, NIST 800:53 or ISO27001. The role will also conduct negotiations with the Vendors to sign Information Security Agreements.
In addition to responding to Customer RFPs on Information Security, the role will provide SME support for any Customer Assurance Audits representing the interests of UPS and shall also engage in the review of the standard Information Security clauses in any agreements with Customers.
The role will collaborate with other teams such as Privacy and Aviation and ensure appropriate responses are provided to Information Security / Cyber Security related compliance questionnaire to Regulators.
The role must be able to work independently with little supervision or oversight.
The role must maintain a current knowledge of emerging technologies and cyber / privacy regulations.
The role must act as a trusted advisor to the IT, Privacy, and other business teams.
Professional Experience/Skills
Experience / expertise in areas such as the following:
Development and rollout of Information Security Policies and Standards
Conducting Information Security Assessments to comply with various industry standards including working knowledge of cyber & privacy regulations such as NIS 2.0 and GDPR in addition of expertise in standards such as ISO27001 and NIST 800:53 / NIST 800:171
Information Security Risk Management
Fundamentals on one of more of the following areas: Security Operations, Security Architecture & Engineering, IT Networking, IT development and Cloud technologies.
Education
The Senior Information Security Analyst will possess a degree or beyond in domains such as Information or Cyber Security, Information Systems, Computer Science, Mathematics, or related field or its equivalent and a credible work experience.
Certifications
Must possess one or more of the following certifications or their equivalent:
CISA or CISM or CISSP or Cloud Security or equivalent
Any additional technology related certifications will be an added advantage.
This position offers an exceptional opportunity to work for a Fortune 50 industry leader. If you are selected, you will join our dynamic team in making a difference to our business and customers. Do you think you have what it takes? Prove it! At UPS, ambition knows no time zone.
Employee Type:
UPS is committed to providing a workplace free of discrimination, harassment, and retaliation.