Senior Security Engineer - Bengaluru, India - First Advantage

    First Advantage
    First Advantage Bengaluru, India

    2 weeks ago

    Default job background
    Description
    Who You Are?


    We are looking for a team member who considers themselves:Self-motivated – you love to lead others but are also ready to "roll up your sleeves." You can spearhead a project and see it through from start to completion.

    A team player – you navigate cross-functional teams and work well with team members across groups toward a common goal.

    While you are an independent contributor, you appreciate the value in collaboration.

    An innovator – you see gaps in current processes or workflows as an opportunity to improve and try something new.

    A lifelong learner – you seek opportunities to learn and upskill, you understand the importance of thorough and secure screenings, and are interested in the Human Capital sector and the confluence of people, process, and technology.

    What You'll DoA successful Senior Security Engineer will fulltime focus on risk and control functions response activity in support of client risk management and audit program.

    Provides back-office support to Sr. Manager – Third Party and Customer Assurance to improve audit and assessment processes.

    Works under general supervision and performs work of moderate to complex difficulty coordinating and responding to Client security assessments and third-party compliance assessments and takes the lead in collating the supporting evidence for responding to the client InfoSec questionnaires and closes the assessments onResponsibilities:Actively collates responses to the third party/client assessment and/or risk questionnaire management program.

    Develop and report on key risk metrics for the third-party/client risk management program for tracking the same in Archer.

    Participates and collaborates in InfoSec team risk assurance projects internally and contributes ideas to improve the client risk management program.

    Continuous inputs for client risk assessment responses TAT and remediation tracking.

    Basic RCA based on client risk assessment audit findings and reporting to the manager for its remediation tracking in Archer.

    Recommending modifications and changes, if any, to the current client/third party risk management process and benchmark to the evolving global best practices when suppliers also may service us from Cloud platforms.

    Strive for continuous risk improvement from a client risk perspective to our operations.

    Ability to evaluate risk implications inherent in new or changing third party relationships as part of the risk questionnaire responses shared.

    Understanding of General IT technology/Infrastructure concepts (design, development, UAT, licensing, hosting, etc.) and cloud security.

    What You May Need to be SuccessfulBachelor's Degree in Science/engineering (Computer Science or equivalent preferred).CISA, CISM, ITIL, CISSP or at least ISO Lead auditor certification is mandatory.

    Total 5-6 years of experience in information security or operations Risk Management2 years of IT Audit experience (internal/external) with minimum ISO27001 Lead auditor certification also preferably other security certifications like ITIL, CISA, CISM and CISSPUnderstanding of IT and Security Risk as it relates to Client's Risk Management highly preferred.

    Ability to evaluate risk implications inherent in new or changing third party relationshipsGood understanding of Enterprise Risk models and frameworks like ISO27001/NIST/COBIT/PCI-DSS.Experience working with a diverse range of data sources/streams and managing these effectivelyExcellent analytical, decision-making and problem-solving skillsAbility to develop partnership-oriented relationships with other operations and support functional leaders, especially as it relates to third party/client risk management.

    Excellent verbal and written communication skills to technical and non-technical audiences of various levels within FADV as well as to global outside parties like customer auditors.

    Ability to provide information to a wide variety of audiences regardless of topic and effectively deal with issues that are confidential and sensitive in nature.

    Ability to persuade and influence others on next steps and be a team player within the global InfoSec team.
    Must possess strong ethical standards regarding the handling of confidential informationMust possess good proficiency in MS Excel/Word.
    Excellent communication and presentation skills required – particularly with performing in-person or phone-based English-speaking client presentations and discussions.

    Experience in Archer or any GRC tools preferredWhy First Advantage is Your Next Big Career MoveFirst Advantage is going through a technology transformation We are looking for experts who are excited to work with advanced technologies and provide best-in-class user experiences, drive the development and deployment of scalable solutions, and smoothly guide our agile teams and clients through meaningful changes as we continue to expand our impact.