Sr. Security Analyst

Job Summary

¿ Establishing information security risk management processes; identifying and managing information security risks. ¿ Responsible for end to end risk management. ¿ Create maintain risk and operational risk register to ensure that all identified risk factors are accounted for. ¿ Ensure all registered risk are treated on time, and treatment plan should be published to all stakeholders. ¿ Experience in Third party Risk assessment while maintaining the risk register for the program. ¿ Perform risk evaluations and communicate IT security gaps impact to business and program owners. ¿ Drive IT security and risk assessment on program products, services, technologies, applications, and Consultants. ¿ Demonstrated experience in performing audit/compliance and third party Consultant assessments. ¿ Experience with internal project consulting to provide compliance and security requirements and guidance. ¿ Assist in the improvement of risk management and Cyber Security controls. ¿ Support the Third Party Senior Manager with all third party Consultant risk assessment activities and reporting tasks. Required Professional Experience ¿ Relevant experience in IT infra & Application risk domain. ¿ Good understanding of the IT General and Security controls for Technology Infra. ¿ Exposure to Global IT and Security Risk models like ISO27001/ ISO27005/ ISO31000. ¿ Worked on documentation of IT Policies/ Procedures. ¿ Good written and communication skills. Skills/Tools Experience ¿ Good to have any GRC tool experience (E.g., AllGress RSA Archer, MetricStream etc.) Academic Qualifications & Certifications ¿ Bachelor¿s degree in engineering (BTech/B. E), MTech, MSc in IT related field. ¿ Desirable but not mandatory ISO 27001/ 22301/ 31000.