Cloud Security Grc - Bengaluru, Karnataka, India - BNC

BNC

Verified Company

Bengaluru, Karnataka, India

2 weeks ago

Posted by:

Deepika Kaur

beBee Recuiter

Big 4 is hiring for Cloud Security GRC role for Bangalore location at consultant level

Duties and Responsibilities:

Work closely with the technology team to build and maintain secure, scalable, and highly

available cloud-based infrastructure.

Experience with information security; cloud security; risk assessment and GRC is must to have
Develop and maintain cloud-based security policies, procedures, and guidelines.
Conduct ongoing security assessments and audits to identify vulnerabilities and ensure

compliance with ISO standards.

Develop and maintain scripts and tools for automated security testing, monitoring, and incident

response.

Support the technology team in designing, implementing, and testing secure and reliable cloud

- based solutions.

Provide training and education to team members on cloud-based security best practices and standards.
Collaborate with other teams (e.g. cyber security, IT operations) to ensure the security and compliance of the entire infrastructure.
Stay up to date on emerging cloud security trends and technologies.

Required Skills & Qualifications:

Bachelors degree in Computer Science, Information Technology, or related field with 4 plus years of relevant experience.
Implements security controls, risk assessment framework, and program that align to regulatory requirements on Cloud.
Experience in evaluating Information security policies, procedures and standards.
Evaluates risks and develops security standards, procedures, and controls to manage risks.
Implements processes, such as GRC (governance, risk and compliance), to automate and

continuously monitor information security controls, exceptions, risks, testing. Develops reporting metrics, dashboards, and evidence artifacts.

Defines and documents business process responsibilities and ownership of the controls.
Updates security controls and provides support to all stakeholders on security controls covering internal assessments, regulations, protecting Personally Identifying Information (PII) data, and Payment Card Industry Data Security Standards (PCI DSS).
Experience in internal and external information security risk and exceptions assessments, including incidents, vulnerability management, scans, patching status, secure baselines and penetration test results.
Document and report control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities.
Strong understanding of ISO 27001, 27002, NIST and CSA-CCM.
Certifications in cloud security (e.g. CCSK, CCSP) and CISSP/CISM

Job Types:
Full-time, Permanent

Salary:
Up to ₹1,500,000.00 per year

Schedule: