Security Lead (Technology Risk) (BB-A7D1D)
Found in: Talent IN
Description:Job Summary This role will undertake and deliver security projects effectively and efficiently with enhanced business requirements as well as ensuring compliance to security standards and policies. This role provides operational and conformance checking of information security implemented. The role will undertake specific security tasks directly and will work with identified stakeholders to ensure that SDLC is in compliance with Security Compliance matrix and security policies. Additionally, this role will undertake regular conformance checking tasks to ensure compliance is met to acceptable security levels. This role will also undertake a number of critical Technology projects which manages to successful delivery of projects and the associated resources. Further, this role will work with all departments across Technology, Business and Third Party vendors/partners and manages inter-dependencies / work-streams and across multiple projects to ensure that Projects are delivered on time Provide consulting services for Technology & Business team for Security process and implementation of controls. Define Security assessment scope, time lines and goals. Pro-actively reviews all systems and types of access controls on various risks like Cyber Threats, Data Security and compliance and communicate for timely actions to mitigate them. Manages all type of internal and external InfoSec audits, status of Security assessment, Reported Observations and remediation. Works on application security requirements during System development lifecycle (SDLC) life cycle and User access provisioning lifecycle of technology products Delivers Security Assessments projects on time, and at the expected quality, have root- cause analysis with clear action plan and obtain sign-off with all relevant parties. Knowledge and Skill Requirements Experience in Security Assessments, Vulnerability Assessments and ISO27001 Audits. Practical understanding of security standards, Processes and risk frameworks. Has good understanding of development tools and Telecom systems. Knowledge of current industry best practices and standards, local/international security and compliance guidance. Broad, and commensurately high-level knowledge of Security technology, such as PKI, firewalls, encryption, IDS & IPS, Cyber threats, encryption, identity management. Strong time management and prioritization skills. Ability to work with Technical and Non- Technical business owners. Practical understanding of security processes and risk frameworks. Has good understanding of development tools and Telecom systems. Knowledge of current industry best practices and standards, local/international security and compliance guidance. Other Requirements Bachelor/Master of Science degree in Computer Science, Engineering, Telecommunications or management degree 5 to 7 years Application Security lead demonstrating successful implementation of Application & network security solutions and effective management of technology risks. such as, GIAC Network /security , CEH, Cloud security etc. any of above is mandatory while any of the CISM, ISO 270001 LA, CISSP, CISA or GIAC etc. would be plus. Knowledge of Unix, Windows, Nokia, Cisco, VM ware etc. Proficient in Microsoft Project and Office (Outlook, Word, Excel, PowerPoint, Visio). Excellent planning, organization and problem solving skills. In-depth knowledge of system development life cycle. Excellent communication skills.
calendar_today3 days ago