Information Security / Security Risk Assessment
Looking for a Security Risk Assessment professional with a leading MNC
Location : Mumbai
Yrs of experience : 7-9 years
Certification : CISSP / CISA / CISM
Experience required : Infrastructure Security / Security Risk Assessment / Firewall rule review process, preferably in the BFSI domain.
Role & Responsibilities :
- Maintain the firm's security, standards and guidelines. Enforce policy and regulatory compliance.
- Sound understanding of Infrastructure, Application security assessment and secure SDLC framework.
- Conduct and document Information Security Application and System risk assessments using the firm's global standards and develop risk mitigation strategies.
- Work closely with the business and operations teams to identify risk in different processes and provide assistance in closure of the same.
- Hands-on in automated scanning for vulnerability assessment and familiar with at least one network (Nessus) and web application vulnerability scanners (HP WebInspect, Rational AppScan), with source code analysis tools (Fortify).
- Understanding of OWASP, SANS, NIST standards and maintain professional Security Certifications such as CEH, ISO 27001, ITIL, CISSP, CISA, CISM etc.
- Proven ability to develop KPI, Metrics, Dashboards, Heat maps, etc. for monitoring and reporting risks for operational as well as senior management consumption.
- Contribution to Information Security strategy and raising security awareness across the organisation.
- Extensive knowledge of the Firewall rule review process
Technologies Covered :
- Application Assessment with understanding of OWASP
- Vulnerability Assessment & Penetration Testing Methodologies
Team hCapital Business Consulting Pvt Ltd