Job Description
Location - Noida /Bangalore/Chennai
Key Quantitative Measures/Data
The role is expected to entrust the following responsibilities.
- Participate in Cyber security Assessment of the various IT functions to identify the gaps and Risks. He/she should have the capability to independently carry out assessments of the identified scope
- Invoke connect with stakeholders for assessment related interviews,
- Identify the scope and Initiate relevant Initial Data Request (IDR).
- Prepare the Assessment reports and manage the risk registers.
- Effective and timely communication of identified risks/gaps to the Assessee and validate the provided treatments plans for completeness and relevance.
- Participate in regular connects with stakeholders and ensure data presented is correct and updated.
- Validate the closures to ensure the identified risks are effectively managed.
- Presents updates (written reports) to senior management team on the review, assessment and publish a dashboard to the senior management capturing the most recent risk status.
- Participate in critical and high visibility projects.
- Partner with Global Information Technology, Global Information Security & other internal stakeholders for effective Cyber security assessments.
- Assessing the various threat advisories and technology available in the market.
- Keeping abreast with latest threat landscape and equipment with latest cybersecurity best practices
- Manage escalations, incidents, and complex problem
Qualifications and Experience Preferred Educational Degree in Computer Engineering, Computer Science, or other IT related discipline
Professional Qualifications - Desirable β CISSP, CRISC, CISA.
- Interested candidate should have knowledge and hands on experience on the IT security operation, concept, tools, and technologies.
- 8+ yearsβ experience with Information security and cyber security standard and guideline like ISMS (ISO ), NIST 800 β 53, CIS, Cyber Security Framework CSF V1.1 and IT general controls
- Experience in Risk Governance, Threat Hunting tools, Developing Process and policies and performing ISMS / NIST based risk assessment and other cyber security frameworks
- Security Operations Centre (SOC), Security tools implementation and configuration.
- Vulnerability management (Infrastructure and application),
- Penetration testing, Perimeter Security, Application security, Cloud security, Io T, Artificial Technology.
- Understanding of Cyber security risks, exploits, and vulnerabilities
- Network Security (Firewalls, VPN, NAC, Wireless), Data Security (DLP, Web Filtering, DAM, APT, CASB, SIEM), Endpoint Security (AV, Encryption, Patch Management, Data Classification, FIM, EPM, EDR/XDR), IAM (APT, MFA, PAM, ADM, MAM), and Application Security (WAF, Proxy, VAPT, SAST/DAST).
- Network - Configuration management, Network architecture, change management, problem management, data security, data backup, monitoring and log management, High Availability, Network segregation, patch management, data flow, Access mechanism and other configuration checks for secure operations.
- Cloud Network: Knowledge of network architecture, security controls, HA/load balancing, monitoring, encryption, and configuration checks across Iaa S, Paa S, and Saa S for secure cloud operations.
- Tools/Technologies - Understand Operational processes, configuration management, hardening, change process, availability & performance management, data flow mechanism, architecture, access mechanism and other security aspects.
- Stake holder and escalation management.
- Strong written and verbal communication skills.
- Proficiency in all the infrastructure layers, hardware, OS, virtualization, storage, network, database and security
- Candidate with previous experience of working with or in Blue/purple/Red teams will be preferred.
Key Quantitative Measures/Data
The role is expected to entrust the following responsibilities.
- Participate in Cyber security Assessment of the various IT functions to identify the gaps and Risks. He/she should have the capability to independently carry out assessments of the identified scope
- Invoke connect with stakeholders for assessment related interviews,
- Identify the scope and Initiate relevant Initial Data Request (IDR).
- Prepare the Assessment reports and manage the risk registers.
- Effective and timely communication of identified risks/gaps to the Assessee and validate the provided treatments plans for completeness and relevance.
- Participate in regular connects with stakeholders and ensure data presented is correct and updated.
- Validate the closures to ensure the identified risks are effectively managed.
- Presents updates (written reports) to senior management team on the review, assessment and publish a dashboard to the senior management capturing the most recent risk status.
- Participate in critical and high visibility projects.
- Partner with Global Information Technology, Global Information Security & other internal stakeholders for effective Cyber security assessments.
- Assessing the various threat advisories and technology available in the market.
- Keeping abreast with latest threat landscape and equipment with latest cybersecurity best practices
- Manage escalations, incidents, and complex problem
Qualifications and Experience Preferred Educational Degree in Computer Engineering, Computer Science, or other IT related discipline
Professional Qualifications - Desirable β CISSP, CRISC, CISA.
- Interested candidate should have knowledge and hands on experience on the IT security operation, concept, tools, and technologies.
- 8+ yearsβ experience with Information security and cyber security standard and guideline like ISMS (ISO ), NIST 800 β 53, CIS, Cyber Security Framework CSF V1.1 and IT general controls
- Experience in Risk Governance, Threat Hunting tools, Developing Process and policies and performing ISMS / NIST based risk assessment and other cyber security frameworks
- Security Operations Centre (SOC), Security tools implementation and configuration.
- Vulnerability management (Infrastructure and application),
- Penetration testing, Perimeter Security, Application security, Cloud security, Io T, Artificial Technology.
- Understanding of Cyber security risks, exploits, and vulnerabilities
- Network Security (Firewalls, VPN, NAC, Wireless), Data Security (DLP, Web Filtering, DAM, APT, CASB, SIEM), Endpoint Security (AV, Encryption, Patch Management, Data Classification, FIM, EPM, EDR/XDR), IAM (APT, MFA, PAM, ADM, MAM), and Application Security (WAF, Proxy, VAPT, SAST/DAST).
- Network - Configuration management, Network architecture, change management, problem management, data security, data backup, monitoring and log management, High Availability, Network segregation, patch management, data flow, Access mechanism and other configuration checks for secure operations.
- Cloud Network: Knowledge of network architecture, security controls, HA/load balancing, monitoring, encryption, and configuration checks across Iaa S, Paa S, and Saa S for secure cloud operations.
- Tools/Technologies - Understand Operational processes, configuration management, hardening, change process, availability & performance management, data flow mechanism, architecture, access mechanism and other security aspects.
- Stake holder and escalation management.
- Strong written and verbal communication skills.
- Proficiency in all the infrastructure layers, hardware, OS, virtualization, storage, network, database and security
- Candidate with previous experience of working with or in Blue/purple/Red teams will be preferred.
Apply for this Position
Ready to join ? Click the button below to submit your application.
Submit Application