Senior Information Security Analyst (A, B, C), Chennai (REQ-1472)

Location: 
Chennai Asia PacificIndiaChennai
HID Global
2021-02-01
Job Type: 
Full-time
Functional Area: 
Information Technology
Job Level: 
Associate

Job Title: Senior Information Security Analyst          

Department: IT Security                                           

Reports To:  Manager- Information Security        

Location: Chennai

 

Job Description:

 This Role is primarily responsible for performing risk assessments, third-party reviews, internal audits, information security control, and system review and design. The successful candidate should have broad information security and risk experience, a high degree of professionalism, friendly and collaborative demeanor, and have strong verbal, written, and organizational skills. This position typically reports to the Manager of Information Security

 

Responsibilities include but not limited to, the following:

 Research, collect and analyze data to perform risk analysis and remediation

 Perform reviews of Third Parties to identify risks and potential remediation

 Generate reports and executive summaries of Third-Party assessments

 Participate in audit functions and perform control effectiveness reviews

 Act as part of a team responsible for HID Global security architecture

 Prepare security reports by collecting, analyzing, and summarizing data and trends

 Review proposed information systems and related technologies

 Conduct Information Security Internal audits as per the standard & other requirements

   such as ISO 27001.

 Reports on key metrics and findings.

 Conducts risk assessments on vendors and internal applications.

 Collaborates with development and other functional areas to address vulnerabilities   

  within systems/applications.

 Stay abreast of related emerging technologies and threats

• Other duties as assigned

 

Qualifications

 Minimum 6-9 years of experience in information security risk and compliance

 Familiarity with ISO 27001:2013, NIST 800 series, NIST CSF, SOC 2, FedRamp and related risk assessment Methodologies

• Good knowledge of enterprise network and systems architecture concepts and technologies, including but not limited to an enterprise directory, enterprise integration architecture, and Identity & access management

• Thorough knowledge and understanding of security risk assessment on all information systems such as people, process, technology, and information processing facilities

 knowledge on cloud security  

• Prepare risk assessment report and risk treatment plan.

• Conduct Information security awareness sessions to end users/ middle management.

• Certification such as CISSP/ CISA /CISM /CRISC/ISO27001/ AWS Security Cloud Certifications will be an added advantage.

• Should be a self-starter and lead the risk analysis in assigned areas with minimum supervision.

• Strong technical and/or management background in technical systems/environments.

• Strong written and verbal communication skills

• Ability to develop good working relationships and excellent interpersonal skills

• Capable of working independently and as part of a team.