More jobs:
Job Description & How to Apply Below
- Execute information security assessment, business continuity assessment, risk assessments pertaining to clients IT environment.
- Execute technical risk assessments around applications, control testing on premise and for Cloud environment etc.
- Execute activities like data discovery, privacy & security impact analysis and propose process and technical solutions to the team.
- Document policies & procedures meeting the regulatory compliance and risk management requirements.
- Develop knowledge base, re-usable components for GRC advisory services.
- Responsible for development and enhancements of GRC services and delivery capabilities.
- Develop competency in GRC platforms (design, architecture, development & support. Participate in pre-sales activities for client RFPs/RFIs
- Implement ISO 27001 ISO 22301 framework. IRDAI guidelines and NIST framework.
- Implementation Knowledge of DPDPA
- Develop a complete set of corporate Information Security and business continuity policies and standards and continually monitoring the information security controls, KRIs/KPIs and technical landscape.
- Lead on compliance reviews, certifications, and accreditations (e.g., ISO
27001, ISO
22301, IRDAI, ISNP, NIST and Cyber Security guidelines)
- Work with business, internal IT and third-party vendor teams to promote and adopt security best practices.
- Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce confidential risks, where applicable.
- Work with Security partners, Managed Security Service Provider (MSSP) to conduct and review regular security assessments (Pen tests, Vulnerability scans etc.) of vendors and solutions (SaaS, IaaS providers and MSSP
- Create, communicate, and implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants, and other service providers.
- Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address negative findings.
- Oversee information security audits, whether performed by organization or third-party personnel.
- Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors.
- Implement projects as per roadmaps.
- Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
- Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements.
- Day to day monitoring of IT Processes/IT Infrastructure from information security perspective.
- Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans.
- Manage security incidents and events to protect corporate IT assets.
- Supervise change management process from Information Security perspective.
- Manage & supervise vendors based on SLAs defined.
- End to End knowledge on Security Incident Alerts & Management.
- Comprehensive knowledge on MS Server environment, Linux Security, Operations (Endpoint Security, Data Leakage Prevention, Endpoint Encryption, SIEM, IDS/IPS, Firewalls, Proxy, WAF CASB and CCM
- Comprehensive knowledge on multiple technologies amongst Firewall / PIM PAM / ENDPOINT / DLP / EDR / ENCRYPTION / DNS Security / WAF/Proxy / Server Security / IPS / Email Security / SIEM / Deep Security Multi Factor Authentication, Antivirus, Patching
- Strong understanding in analysing network event logs, web filter activity, Antivirus, Antimalware, DLP, Syslog’s, IPS, and security system logs.
- Strong understanding and direct experience on Cloud Security, Network Security
-Anomaly Detection Systems, Firewalls, Routers, Switches, Confidential LDAP, AD Servers etc.
- Experience in Network.
- Knowledge of Information Security Management System - ISO 27001, Business Continuity Management System - ISO 22301
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×