Security Control Assessor

6 months ago


Mumbai, India IDFC FIRST Bank Full time

**Role/Job Title**: Security Control Assessor

**Business**: Risk

**Function/ Department**: ISG

**Place of work**: Mumbai

**Experience**: - 5+ years in Information/cyber security

**Education**: - BE. B.tech, M,tech, MCA, BCA

**Job Purpose**:
The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects, Application Owners & other Application Team members and other key stakeholders to ensure data-centric security and protection controls of the organization are designed by the technology team, and reviewed for design effectiveness from architecture security perspective. She/he is expected to be aware of new technologies, underlying secure configuration requirements, keep abreast of risks and corresponding secure configurations, and create and maintain ISG documents and versioning. The

Security Controls Assessor/ Associate Security Architect

**Roles & Responsibilities**:
Information Security Provision Reviews & Security Architecture Reviews:
Act as project executive and carry out Annual Security Architecture Reviews/other projects as assigned to the team on annual basis.

Follow up and carry out IDR requests with the Application IT Owners/PMs/SPOCs, maintain escalation matrix and touch points.

Perform API security audits/reviews to assess the security of APIs and ensure that they are properly designed and implemented.

Conduct security reviews of enterprise solutions, such as Kafka and Apache NiFi, to identify and mitigate security risks.

The Security Controls Assessor will also be plan, execute and oversee:
Develop security compliance processes and/or audits for external services (e.g., cloud service providers, specific platforms, products, underlying infrastructure, etc.).

Track projects and reviews through management and maintenance of relevant findings, trackers, responses, and timelines from IT/implementation teams.

Get initial understanding of the exception requirement by liaising with requestors and stakeholders, and present to the L1 Reviewers.

Help maintain backup of Security Architecture Reviews (documentation and records) in centralized repository.

Ensure end-to-end ownership of the raised issues/security risks, assignment of the ownership to various other teams (IT, Security Monitoring, etc.).

Follow up for pending/expired exceptions.

Work in close liaison with Business and Info Sec team’s Security Operations.

Work with developers and other IT staff to resolve security vulnerabilities and implement security improvements.

Stay up-to-date on the latest security threats and vulnerabilities.

Represent ISG Security Provision/Security Architecture teams in IT processes like Change Management and review for completeness of record evidence that may be incorporated into Application Go-live process by the Change Management team of IT.

Experience Requirements

Should have excellent communication skills and project management/time management skills.

Experienced Cyber Security professional with good understanding of security compliance requirements (regulatory), IT general security controls, baselining, and hardening.

Should preferably have Skills and be ready to work on processes and incorporating Information Security Tollgates into Change Management processes and play role

Bachelor’s degree in computer science or a related field.



  • Navi Mumbai, India IDFC FIRST Bank Full time

    Role/Job Title : Security Control Assessor Function/ Department:  Information Security Group  Job Purpose: The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects, Application Owners & other Application Team members and other key stakeholders to ensure data-centric security and protection...


  • mumbai, India IDFC FIRST Bank Full time

    Job Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure...


  • Mumbai, India IDFC FIRST Bank Full time

    Job Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to...


  • Mumbai, India IDFC FIRST Bank Full time

    Job Title – Specialist-Third Party security AssessorFunction – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...


  • mumbai, India IDFC FIRST Bank Full time

    Job Title – Specialist-Third Party security AssessorFunction – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...


  • Mumbai, India IDFC FIRST Bank Full time

    Job Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to...


  • Mumbai, India IDFC FIRST Bank Full time

    Job Title – Specialist-Third Party security Assessor Function – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...


  • Mumbai, India IDFC FIRST Bank Full time

    Job Title – Specialist-Third Party security Assessor Function – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...


  • Mumbai, India IDFC FIRST Bank Full time

    Job Title – Specialist-Third Party security AssessorFunction – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...


  • Navi Mumbai, Maharashtra, India Logicloop Full time

    Job Description:We are looking for a seasoned professional to fill the position of Vulnerability Assessor Lead - Information Security at Logicloop. As a key member of our team, you will be responsible for evaluating the control environment through ethical hacking, penetration testing, and red team assessments.The ideal candidate will have 8+ years of...


  • mumbai, India IDFC FIRST Bank Full time

    Job Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to...


  • mumbai, India IDFC FIRST Bank Full time

    Job Title – Specialist-Third Party security Assessor Function – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...


  • mumbai, India IDFC FIRST Bank Full time

    Job Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to...


  • Mumbai, Maharashtra, India Willis Towers Watson Full time

    **Job Summary** Control Resiliency team is a part of Global Strategy Governance, Risk & Compliance vertical. Current role will support the delivery of projects related control testing in the areas of Information & Cyber Security, Technology, Infrastructure etc. Conducting design adequacy and operating effectiveness testing of on-prem and cloud controls...


  • Mumbai, Maharashtra, India WTW Full time

    **Description**: Job Summary: Control Resiliency team is a part of Global Strategy Governance, Risk & Compliance vertical. Current role will support the delivery of projects related control testing in the areas of Information & Cyber Security, Technology, Infrastructure etc. Conducting design adequacy and operating effectiveness testing of on-prem and cloud...


  • Mumbai, Maharashtra, India British Council Full time

    We are seeking a highly skilled and detail-oriented individual to join our team as a dedicated marker and assessor. In this role, you will play a vital part in ensuring the accuracy and fairness of our English language proficiency exams.About the RoleAs a trainee clerical marker, you will be responsible for assessing various modules of our English language...


  • Mumbai, Maharashtra, India WTW Full time

    Role: - Leading and coordinating the completion of Third-party assessment requests against WTW best practice and global standards and controls.- Scheduling periodical re-assessment in line with standards and controls- Agree scheduled checkpoints with the Third Party and WTW Service Owner on evidencing remediations and maintaining central repository, these...

  • Itgc Control Testing

    6 months ago


    Mumbai, Maharashtra, India ANB Global Full time

    **Key Responsibilities: - ** - Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness, and operating effectiveness of IT and Cyber controls. - Draft high-quality reports containing the assessor’s opinion on the ICT control gaps, and recommendations for improvement post completion of an assignment. -...

  • Security Architect

    6 months ago


    Navi Mumbai, Maharashtra, India IDFC FIRST Bank Full time

    Role/Job Title : Security Architect Function/ Department : Information Security Group Job Purpose : **Roles & Responsibilities**: Get initial understanding of the exception requirement by liaising with requestors and stakeholders, and present to the L1 Reviewers. Help maintain backup of Security Architecture Reviews (documentation and records) in...


  • Mumbai, Maharashtra, India Saini Electronics Security Systems Full time

    We are seeking a skilled _**Control Room Operator**_ with hands-on experience and extensive knowledge of **access control systems**. As a Control Room Operator, you will be responsible for monitoring and controlling access to various facilities, ensuring the safety and security of personnel and property. Your primary duties will include operating and...