Expoint - all jobs in one place


Qualcomm Cyber Security Engineer Senior 
India, Telangana, Hyderabad 
926108789

19.11.2024

Job Area:

Information Technology Group, Information Technology Group > Cyber Security Engineering

The Cyber Governance, Risk, and Compliance (CGRC) team plays a vital role in information security. It is responsible for ensuring that the organization’s information security policies and procedures are aligned with the business goals, and for effectively managing risks and complying with regulations. The Cybersecurity GRC team member will be responsible for ensuring the effectiveness of information security within the organization and enhancing our cybersecurity governance, risk, and compliance maturity. This role focuses on control validation and third-party risk management to ensure our security posture meets industry standards and regulatory requirements.

Key Responsibilities:

Control Validation:

• Conduct regular assessments and validations of security controls to ensure their effectiveness.

• Develop and maintain control validation processes and documentation.

• Identify gaps in controls and recommend remediation actions.

• Collaborate with internal teams to implement and monitor corrective measures.

Third-Party Risk Management:

• Assess and manage risks associated with third-party vendors and service providers.

• Conduct thorough due diligence and risk assessments for new and existing third-party relationships.

• Develop and maintain a third-party risk management program, including policies, procedures, and tools.

• Monitor third-party compliance with security requirements and contractual obligations.

Other Governance and Compliance activities:

• Ensure compliance with relevant industry standards, regulations, and frameworks (e.g., ISO 27001, NIST, TISAX).

• Develop and update cybersecurity policies, standards, and procedures.

• Conduct internal audits and assessments to verify compliance with established policies and standards.

• Prepare and present reports on the status of the GRC program to senior management.

• Be responsible for operational tasks under GRC.

Risk Management:

• Identify, assess, and prioritize cybersecurity risks across the organization.

• Develop risk mitigation strategies and track the implementation of risk treatment plans.

• Collaborate with cross-functional teams to integrate risk management practices into business processes.

Training and Awareness:

• Develop and deliver training programs to enhance awareness of cybersecurity governance, risk, and compliance.

• Promote a culture of security awareness and compliance throughout the organization.

• Bachelor’s/ Master’s degree in Cybersecurity, Information Technology, or a related field.

• 4-7 years of experience in cybersecurity governance, risk, and compliance.

• Strong knowledge of control validation methodologies and third-party risk management practices.

• Familiarity with industry standards and regulatory frameworks (e.g., ISO 27001, NIST, TISAX).

• Excellent analytical, problem-solving, and communication skills.

• Relevant certifications (e.g., CISA, CISSP, CRISC) are a plus.

Minimum Qualifications:

• Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 2+ years of cybersecurity-relevant work experience.

• High school diploma or equivalent and 4+ years of cybersecurity-relevant work experience.

Physical Requirements:

• Frequently transports and installs equipment up to 40 lbs.

Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law.