Information Security/Security Risk Assessment Role - IT

Information Security / Security Risk Assessment

Looking for Security Risk Assessment professional with a leading MNC

Location : Mumbai

Yrs of experience : 7-9 years

Certification : CISSP / CISA/ CISM

Experience required : Infrastructure Security / Security Risk Assessment/ Firewall rule review process preferably with a BFSI domain.

Role & Responsibilities :

- Maintain the firm's security, standards and guidelines Enforce policy and regulatory compliance.

- Sound understanding of Infrastructure, Application security assessment and secure SDLC framework.

- Conduct and document Information Security Application and System risk assessments using the firms - global standards and develop risk mitigation strategies.

- Work closely with the business and operations teams to identify risk in different processes and provide assistance in closure of the same.

- Hands-on in automated scanning for vulnerability assessment and familiar with at least one network (Nessus,) and web application vulnerability scanners (HP Web Inspect, Rational AppScan, with source code analysis tools (Fortify).

- Understanding of OWASP, SANS, NIST standards and maintain professional Security

- Certifications such as CEH, ISO 27001, ITIL, CISSP, CISA, CISM etc.

- Proven ability to develop KPI, Metrics, Dashboards, Heat maps, etc. for monitoring and reporting risks for operational as well as senior management consumption.

- Contribution to Information Security strategy and raising security awareness across the organisation.

- Extensive knowledge on Firewall rule review process

Technologies Covered :

- Application Assessment with understanding of OWASP

- Vulnerability Assessment & Penetration Testing Methodologies

Team hCapital Business Consulting Pvt Ltd