Security Control Assessor
6 days ago
**Role/Job Title**: Security Control Assessor
**Business**: Risk
**Function/ Department**: ISG
**Place of work**: Mumbai
**Experience**: - 5+ years in Information/cyber security
**Education**: - BE. B.tech, M,tech, MCA, BCA
**Job Purpose**:
The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects, Application Owners & other Application Team members and other key stakeholders to ensure data-centric security and protection controls of the organization are designed by the technology team, and reviewed for design effectiveness from architecture security perspective. She/he is expected to be aware of new technologies, underlying secure configuration requirements, keep abreast of risks and corresponding secure configurations, and create and maintain ISG documents and versioning. The
Security Controls Assessor/ Associate Security Architect
**Roles & Responsibilities**:
Information Security Provision Reviews & Security Architecture Reviews:
Act as project executive and carry out Annual Security Architecture Reviews/other projects as assigned to the team on annual basis.
Follow up and carry out IDR requests with the Application IT Owners/PMs/SPOCs, maintain escalation matrix and touch points.
Perform API security audits/reviews to assess the security of APIs and ensure that they are properly designed and implemented.
Conduct security reviews of enterprise solutions, such as Kafka and Apache NiFi, to identify and mitigate security risks.
The Security Controls Assessor will also be plan, execute and oversee:
Develop security compliance processes and/or audits for external services (e.g., cloud service providers, specific platforms, products, underlying infrastructure, etc.).
Track projects and reviews through management and maintenance of relevant findings, trackers, responses, and timelines from IT/implementation teams.
Get initial understanding of the exception requirement by liaising with requestors and stakeholders, and present to the L1 Reviewers.
Help maintain backup of Security Architecture Reviews (documentation and records) in centralized repository.
Ensure end-to-end ownership of the raised issues/security risks, assignment of the ownership to various other teams (IT, Security Monitoring, etc.).
Follow up for pending/expired exceptions.
Work in close liaison with Business and Info Sec team’s Security Operations.
Work with developers and other IT staff to resolve security vulnerabilities and implement security improvements.
Stay up-to-date on the latest security threats and vulnerabilities.
Represent ISG Security Provision/Security Architecture teams in IT processes like Change Management and review for completeness of record evidence that may be incorporated into Application Go-live process by the Change Management team of IT.
Experience Requirements
Should have excellent communication skills and project management/time management skills.
Experienced Cyber Security professional with good understanding of security compliance requirements (regulatory), IT general security controls, baselining, and hardening.
Should preferably have Skills and be ready to work on processes and incorporating Information Security Tollgates into Change Management processes and play role
Bachelor’s degree in computer science or a related field.
-
Security Control Assessor
1 month ago
Navi Mumbai, India IDFC FIRST Bank Full timeRole/Job Title : Security Control Assessor Function/ Department: Information Security Group Job Purpose: The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects, Application Owners & other Application Team members and other key stakeholders to ensure data-centric security and protection...
-
Security Control Assessor
4 weeks ago
Navi Mumbai, India IDFC FIRST Bank Full timeRole/Job Title : Security Control Assessor Function/ Department: Information Security Group Job Purpose: The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects, Application Owners & other Application Team members and other key stakeholders to ensure data-centric security and protection...
-
Security Control Assessor
1 month ago
navi mumbai, India IDFC FIRST Bank Full timeRole/Job Title : Security Control Assessor Function/ Department: Information Security Group Job Purpose: The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects, Application Owners & other Application Team members and other key stakeholders to ensure data-centric security and protection...
-
Security Control Assessor
1 week ago
Navi Mumbai, Maharashtra, India IDFC FIRST Bank Full timeRole/Job Title : Security Control Assessor Function/ Department: Information Security Group Job Purpose: The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects, Application Owners & other Application Team members and other key stakeholders to ensure data-centric security and protection...
-
mumbai, India WTW Full timeAbout CompanyWTW (NASDAQ: WTW) is in the business of people, risk and capital. With roots dating to 1828, our company has over 45,000 colleagues serving more than 140 countries and markets. Our values – client focus, teamwork, integrity, respect and excellence – underlie all that we do, including how we behave and interact with each other. They are part...
-
Mumbai, India WTW Full timeAbout CompanyWTW (NASDAQ: WTW) is in the business of people, risk and capital. With roots dating to 1828, our company has over 45,000 colleagues serving more than 140 countries and markets. Our values – client focus, teamwork, integrity, respect and excellence – underlie all that we do, including how we behave and interact with each other. They are part...
-
Mumbai, India WTW Full timeAbout Company WTW (NASDAQ: WTW) is in the business of people, risk and capital. With roots dating to 1828, our company has over 45,000 colleagues serving more than 140 countries and markets. Our values – client focus, teamwork, integrity, respect and excellence – underlie all that we do, including how we behave and interact with each other. They are part...
-
mumbai, India WTW Full timeAbout Company WTW (NASDAQ: WTW) is in the business of people, risk and capital. With roots dating to 1828, our company has over 45,000 colleagues serving more than 140 countries and markets. Our values – client focus, teamwork, integrity, respect and excellence – underlie all that we do, including how we behave and interact with each other. They are...
-
Mumbai, India WTW Full timeAbout Company WTW (NASDAQ: WTW) is in the business of people, risk and capital. With roots dating to 1828, our company has over 45,000 colleagues serving more than 140 countries and markets. Our values – client focus, teamwork, integrity, respect and excellence – underlie all that we do, including how we behave and interact with each other. They are part...
-
Controls Testing Assessor, Itgc
2 months ago
Mumbai, India Luxoft Full time**Project** Description**: **Responsibilities**: - Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness and operating effectiveness of IT and Cyber controls. - Contribute to the industrialization and automation of RISK ORM ICT control testing services by the development of methodologies/tools for the...
-
Controls Testing Assessor, Itgc
2 months ago
Mumbai, India Luxoft Full time**Project** Description**: **Responsibilities**: - Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness and operating effectiveness of IT and Cyber controls. - Contribute to the industrialization and automation of RISK ORM ICT control testing services by the development of methodologies/tools for the...
-
Controls Testing Assessor, Itgc
3 days ago
Mumbai, India Luxoft Full time**Project** Description**: **Responsibilities**: - Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness and operating effectiveness of IT and Cyber controls. - Contribute to the industrialization and automation of RISK ORM ICT control testing services by the development of methodologies/tools for the...
-
Controls Testing Assessor, Itgc
3 days ago
Mumbai, India Luxoft Full time**Project** Description**: **Responsibilities**: - Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness and operating effectiveness of IT and Cyber controls. - Contribute to the industrialization and automation of RISK ORM ICT control testing services by the development of methodologies/tools for the...
-
Controls Testing Assessor, Itgc
2 weeks ago
Mumbai, Maharashtra, India Luxoft Full timeProject Description**:Responsibilities: Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness and operating effectiveness of IT and Cyber controls. Contribute to the industrialization and automation of RISK ORM ICT control testing services by the development of methodologies/tools for the achievement of...
-
Control Resiliency Assessor
4 days ago
Mumbai, India WTW Full timeJob Summary Control Resiliency team is a part of Global Strategy Governance, Risk & Compliance vertical. Current role will support the delivery of projects related control testing in the areas of Information & Cyber Security, Technology, Infrastructure etc. Conducting design adequacy and operating effectiveness testing of on-prem and cloud controls...
-
Control Resiliency Assessor
4 days ago
mumbai, India WTW Full timeJob Summary Control Resiliency team is a part of Global Strategy Governance, Risk & Compliance vertical. Current role will support the delivery of projects related control testing in the areas of Information & Cyber Security, Technology, Infrastructure etc. Conducting design adequacy and operating effectiveness testing of on-prem and cloud controls...
-
Control Resiliency Assessor
2 weeks ago
Mumbai, Maharashtra, India Willis Towers Watson Full time**Job Summary** Control Resiliency team is a part of Global Strategy Governance, Risk & Compliance vertical. Current role will support the delivery of projects related control testing in the areas of Information & Cyber Security, Technology, Infrastructure etc. Conducting design adequacy and operating effectiveness testing of on-prem and cloud controls...
-
Control Resiliency Assessor
2 months ago
Mumbai, India WTW Full timeProven Auditing competency - Strong IT and analytical skills - Proactive rather than reactive - Team player with good interpersonal skills - Ability to work under pressure to tight timelines - Organised and methodical - Willing to challenge and desire to learn - Good communication skills, both orally and in writing Knowledge/Experience: Essential -...
-
Control Resiliency Assessor
2 weeks ago
Mumbai, Maharashtra, India WTW Full timeProven Auditing competency Strong IT and analytical skills Proactive rather than reactive Team player with good interpersonal skills Ability to work under pressure to tight timelines Organised and methodical Willing to challenge and desire to learn Good communication skills, both orally and in writingKnowledge/Experience:Essential Knowledge and understanding...
-
Information Systems Security Manager
2 weeks ago
Navi Mumbai, Maharashtra, India IDFC FIRST Bank Full timeJob Title: Specialist - Third-Party Security Assessor - Information Security GroupJob Purpose: The Third-Party Technology Risk Management team is responsible for overseeing risks associated with third-party vendors and suppliers on behalf of the organization. This role involves collaborating closely with vendor stakeholders to ensure the security of shared...
