Job Description

Responsibilities

  • He /She shall be responsible for execution of various Information & Cyber Security controls and processes, daily security monitoring tasks and various weekly /monthly security controls & reporting activities(such as monitoring access logs and security violations , analyzing user access requests and conducting periodic access reviews, data collation /analysis & reporting, managing various security control books and procedural documentations etc.).
  • He /She shall be responsible for execution of controls related to Regulatory & Head Office guidelines and ensuring compliance to those, conducting investigations and reporting of security incidents . He/ She shall be involved in imparting security training and awareness sessions.
  • He /She shall be responsible to support the implementation of new security tools & technologies and/or new IT systems, and administer /operationalize such security tools including defining use-cases, creating control tasks, SOPs etc.
  • He /She shall be responsible for execution of various Security controls for the organization, and should be able to execute and improve the Security KRIs and appropriate reporting thereof.
  • He /She shall be responsible to perform IT Security Risk assessments of new & existing processes, projects and applications / infrastructure.

    • The incumbent shall be able to continuously analyse bank’s information /cyber security program, implementation & execution of defined controls, and work towards sustained compliance to those and improvement of the same.

    (a) Knowledge (b) Skills (c) Experience (d) Qualifications

    A & B. Knowledge & Skills:

  • Detailed understanding of IT Security and Infrastructure practices , operations, standards and frameworks.
  • Good working knowledge of performing IT Security risk assessments
  • Good working knowledge of SOC processes and related Security Monitoring Tools (such as SIEM, NBAD (Behavioral Anomaly detection), DAM etc) .
  • Good working knowledge of Privileged Identity & Access Management (PIM/ PAM) , related tools & controls.
  • Good understanding of Network Security and working knowledge of related Monitoring (such as Log analysis, Firewall reviews, IDPS alerts etc) .
  • Good working knowledge in Vulnerability Assessments (VA /PT) and/or System Security Hardening and appropriate remediations.
  • Good working knowledge /understanding of Data Protection & Security, DLP, data encryption etc.
  • Good working knowledge of handling information/cyber security alerts & incidents (such as related to phishing, malware, cyber-frauds etc).
  • Ability to execute / implement Information Security Operations processes and perform daily / weekly /monthly security controls and tasks.
  • Good working knowledge of implementation of security tools and related administration /operationalization.
  • Fair understanding / Experience of working on Security Audits – would be preferred, but not mandatory.
  • Good working knowledge on MS Office tools like Excel, Powerpoint would be essential. Should be well versed with various functions and data handling techniques in Excel.
  • Ability to work on routine security activities as well complex technical security projects and initiatives.
  • Proven track record in IS processes execution and enhancements. Willing to quickly learn and adapt to new processes & environment.

    • C. Experience:

  • Around 5 to 8 years of progressive experience in the field of Information Security , including experience in either Cyber Security , Security Controls & Operations, CSIRT (Cyber Security Incident Response Team) or Privileged Identity & Access Management  in a global environment. Experience in BFSI or Banking environment would be preferred, but not mandatory.

    • D. Qualifications:

  • Must have completed a Bachelor’s degree (preferably BE / B.Tech.). A Master’s degree in Information Systems will certainly be preferred.

    • Certification – Select the relevant Certifications from the list below :

    Any one or more of the below or other similar security related certifications:

  • ISO 27001 Lead Implementer / Auditor
  • Lead Auditor Certified from Reputed ISO Certification Body (such as BSI)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • Cloud Security related certifications such as CCSP or CCSK

    • Any other Cyber Security related certifications

    Apply for this Position

    Ready to join ? Click the button below to submit your application.

    Submit Application