Position Description :
Business Division : Corporate
Department : IT
Location : Gurgaon
Position Title : Information Security Analyst
Level : J1/J2
Reporting to (Title) : DGM - Info Sec
Position Purpose :
- The position is responsible for monitoring & responding to security alerts, maintaining security solutions including AV, DLP, CyberArk, VA etc. and day-to-day security operations.
- This role is also responsible for analyzing trends and changes in threat and compliance environment with respect to organizational risk; perform risk and compliance self-assessments; develop & execute plans for compliance and mitigation of risk; develop information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security.
Strategic Responsibilities :
- Perform risk assessments to identify gaps, assess the effectiveness of existing controls, and recommend remedial action.
- Assess emerging threats and recommend appropriate action actions to ensure data security.
- Proactively research and stay up to date with the latest security issues.
Operational Responsibilities :
- Monitor and manage security alerts from key information security dashboards.
- Assess the security impact of security alerts and traffic anomalies to identify malicious actions.
- Analyze security breaches to determine their root cause and prepare RCA.
- Coordinate remediation activities with IT operations teams.
- Responsible for implementation, administration and support of enterprise security solutions.
- Assist with the development of security architecture and security policies, process and procedures.
- Facilitate scoping, testing and evidence gathering around regulatory and internal audit cycles.
- Review non conformances as identified in internal / external audits and ensure implementation of action plans for closure of gaps identified.
- Monitors and conducts routine audits on compliance to all information security procedures and policies, and ensures consistency of internal controls across departments.
- Provide MIS reports to management on key performance metrics for the function as per specified timelines
Financial Responsibilities :
People Responsibilities :
- Leads professional development of self through internal / external trainings.
Education Qualification :
- Degree in Information Technology or Computer Science or Network / Telecommunications Engineer-B. Tech., B.E, MCA, M.Sc. IT.
- Professional Security Qualifications preferred but not mandatory (like CEH, GCIH, CISA, CISM, CISSP).
Work Experience :
- 5-8 years of experience in Information Security or Cyber Security Industries.
Industry to be hired from : Any
Functional Competencies :
- Thorough knowledge/hands-on of security solutions (AV, EDR, DLP, VA tools, SIEM, IDPS, Firewalls, Web-Proxy etc.).
- Good understanding of Information security related standards and best practices (these include like ISO 27001, 27002, 22301, NIST, COBIT 5.0, PDPA, PCI-DSS, Cyber-crime act etc.).
- Good understanding of Information Security concepts (Confidentiality, Integrity, and Availability) and technologies (PKI, VPN, SSL, TLS etc.).
- Working Knowledge of IT disciplines such as data processing, hardware platforms, enterprise software applications, database administration and outsourced system.
- Understanding of HTTP/HTTPS and web application architectures around secure transmission and storage of data over public networks.
Behavioral Competencies :
- System and Process Adherence
- Drive for results
Interaction Complexity and Team Work :
- Interaction - Frequency - Purpose of Interaction
Internal :
IT teams (Site Infra/ IT Operations / Projects etc.) Finance, SCM,HR, R&D,IT, Legal and other departments :
- Planning of operations related to IT Security, MIS/reporting, IT Application and system related issues, Audits
Auditors, Vendors Government authorities, External Agencies and Knowledge Partners, Consultants, Trainers :
- For Audits, for procuring materials and negotiating prices
Didn’t find the job appropriate? Report this Job