Secur Cslt Iii-sec Risk Mgt - Hyderabad, India - Verizon

Verizon

Verified Company

Hyderabad, India

2 weeks ago

Posted by:

Deepika Kaur

beBee Recuiter

Description

When you join Verizon:

Verizon is one of the world's leading providers of technology and communications services, transforming the way we connect across the globe.

We're a diverse network of people driven by our shared ambition to shape a better future.

Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role.

Together, we are moving the world forward - and you can too. Dream it. Build it. Do it here.

What you'll be doing
:

Determining if security risk factors exist by engaging in business and IT initiatives to obtain and understand functional and technical requirements involving internal software development, use of third parties, new technologies or any use of information assets.
Evaluating new or modified endtoend systems and evaluate inherent risk of human factors and associated process flow.
Assessing these risks against internal security standards and develop appropriate mitigation strategies to reduce potential loss to within acceptable limits.
Participating as a stakeholder representing Information Security in functional and technical requirements and design sessions via the agile and traditional software development methodologies.
Assigning a preliminary risk profile by identifying the information security risk factors based on data classification, design, and functional purpose and use.
Working with architecture teams to understand enterprise solutions and impacts on security controls.
Determining if other security or privacy risk factors exist due to the uniqueness of the initiative and evolving business ventures.
Performing detailed risk assessment and provide risk reduction recommendations and security requirements and guidance to IT and business teams supporting the initiatives.
Providing security requirements during planning sessions, functional and technical requirement sessions, user story creation and grooming, and technical design based on identified risks.
Determining if any compensating controls are necessary due to inability to comply with the primary control requirements.
Facilitating and help design compensating controls when needed.
Ensuring requirements and design include approved strategic security technologies.
Completing and present to Security management and business sponsors a risk assessment evaluation articulating risk and impact analysis when security controls cannot be met by an initiative to ensure transparency and appropriate level of acceptance.
Participating weekly meetings with management and security team peers to provide project updates and risk overviews.

Where you'll be working

In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.

What we're looking for
:

You'll need to have:

Bachelor's degree or four of more years of work experience.
Four or more years of relevant work experience.
Experience in an Information Security, Information Risk Management, Software Development/Technical Support related position.

Even better if you have one or more of the following:

One or more of the following professional certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified in Risk and Information Systems Controls (CRISC), or Certified Cloud Security Professional (CCSP).
Knowledge of all stages of the SDLC process, from coding and code promotion through all levels of testing as well as management of multiple nonproduction environments.
Experience in Cloud security especially in AWS, Google Cloud Platform, or Azure.
Experience in SoftwareasaService (SaaS) security and vendor security in general.
Experience in source code control systems (eg Git) and relevant security controls.
Experience in DevOps concepts and especially DevSecOps tools.
Experience in the security and governance of Big Data.
Knowledge of relational and nonrelational databases and understanding of the Open Systems Interconnection model.
Knowledge of data security fundamentals and best practices with prior responsibilities of protecting information assets.
Ability to effectively communicate with Legal department attorneys and other supporting business groups such as Compliance and Finance.
Excellent written and verbal communication skills, documentation and organization skills.

Where you'll be working:

In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.

Scheduled Weekly Hours:
40

Diversity and Inclusion:

We're proud to be an equal opportunity employer. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential a