Csro
3 months ago
Role/Description.
- Responsibilities
- The Cyber/Cloud Security and Risk Officer (CSRO) aims to contribute to the steering of strategy in terms of public cloud security, technical standards, processes, tools and risk management.
- Defines, publishes and maintains processes for Security Governances, Risk and Compliance (GRC) for public cloud (AWS and Azure)
- Define cyber controls for public cloud platform, whilst adhering to a centralized methodology
- Updating and documenting security controls as an accountable part of the public cloud expertise team (e.g.: code security audit)
- Recommending changes to policies or procedures based on new threats or vulnerabilities identified
- Build and enforce hardening checklist comprises of industry’s best practices for public cloud
- Provide design time review and guidance to teams building and deploying solution to public/private/hybrid cloud. (Security by Design)
- Conduct risk analysis and define/monitor associated mitigation/remediation plans
- Carry out monitoring and propose functional improvements within the scope of intervention (security framework, risk analysis....),
- Collecting evidence and performing technical and functional acceptance tests in the context of “infrastructure and service hardening” projects,
- Conducting vulnerabilities scans with automated tools (SAST/DAST etc) to identify potential security issues
- Support/advise the operational security teams (Operation Security Manager),
- Security code review on all the developed infra components.
Work location:
Bangalore
Work Experience:
10 to 15
Background and Requirement:
- Expected Deliverables
- Service/Application/Infra maturity reports (assessment report). Assessment against defined maturity model
- Risk analysis file
- Blueprint and/or technical notes,
- Services/Infrastructures security compliance reports based on the controls defined and specified (ex: vulnerability management, code audit, ).
- Specific Context
- Cybersecurity:
- Security audit and framework (ISO 27001, NIST, PCI-DSS): Intermediate to Expert
- Pentest knowledge (OWASP, methodology, hacking): Intermediate to Expert
- Public Cloud infrastructure & security (AWS, Azure): Intermediate
- Security and Code Audit:
- Amazon Web Application Firewall, Guard Duty, Inspector, IAM Access Analyzer, cloud Trail, Shield, Macie, Config, security Hub
- Azure Security Center, Firewall, DDoS protection, Sentinel, Web Application Firewall (WAF),
- Development knowledge (python, Git,)
- DevOps tooling and DevSecOps knowledg
-
Cyber Security Lead
4 months ago
Bengaluru, India Société Générale Assurances Full timeCyber Security Lead - CSRO Permanent contract|Bangalore|IT (Information Technology) Cyber Security Lead - CSRO Bangalore, India Permanent contract IT (Information Technology) Responsibilities We are seeking a cloud security expert for Cloud Security and Risk Officer (CSRO) role who can contribute towards the strategic direction...
-
Cyber Security Consultant
4 months ago
Bengaluru, India Société Générale Assurances Full timeCyber Security Consultant - CSRO Permanent contract|Bangalore|IT (Information Technology) Cyber Security Consultant - CSRO Bangalore, India Permanent contract IT (Information Technology) Responsibilities We are seeking a cloud security expert for Cloud Security and Risk Officer (CSRO) role who can contribute towards the strategic...
-
Cyber Security Consultant-CSRO
5 months ago
Bengaluru, India Global Pharma Tek Full timeExperience: Min yrs relevant yrs experience with Excellent Skills Required Strong understanding of cloud technologies and platforms: Azure or AWS or both(preferred). Understanding and hands-on experience of cloud native service such as AWS EC, S, CloudFront, VPC, Direct Connect, DynamoDB etc and for Azure VNET, Storage Accounts, Application...
-
Public Cloud Security Risk Officer
3 months ago
Bengaluru, Karnataka, India PeopleLogic Business Solutions Full timeRole/Job Description *** *** 2. Control and report on the Landing Zone security as described and the security controls for example NIST cloud controls** *** 3. Control and report (with the support public Cloud CSRO lead) on the security of CSP service on the Group Catalog.** *** 4. Handle security alerts (Skynet) or incident. *** ** Manage IT risk and SSI...
-
Cyber security and Cloud security
2 months ago
Bengaluru, India PeopleLogic Full timeResponsibilitiesThe Cyber/Cloud Security and Risk Officer (CSRO) aims to contribute to the steering of strategy in terms of public cloud security, technical standards, processes, tools and risk management.· Defines, publishes and maintains processes for Security Governances, Risk and Compliance (GRC) for public cloud (AWS and Azure)· Define cyber controls...
-
Cyber security and Cloud security
2 months ago
Bengaluru, India PeopleLogic Full timeResponsibilitiesThe Cyber/Cloud Security and Risk Officer (CSRO) aims to contribute to the steering of strategy in terms of public cloud security, technical standards, processes, tools and risk management. · Defines, publishes and maintains processes for Security Governances, Risk and Compliance (GRC) for public cloud (AWS and Azure)· Define cyber controls...
-
Cyber security and Cloud security
2 months ago
Bengaluru, India PeopleLogic Full timeResponsibilitiesThe Cyber/Cloud Security and Risk Officer (CSRO) aims to contribute to the steering of strategy in terms of public cloud security, technical standards, processes, tools and risk management. · Defines, publishes and maintains processes for Security Governances, Risk and Compliance (GRC) for public cloud (AWS and Azure)· Define cyber controls...
-
Cyber security and Cloud security
2 months ago
Bengaluru, India PeopleLogic Full timeResponsibilities The Cyber/Cloud Security and Risk Officer (CSRO) aims to contribute to the steering of strategy in terms of public cloud security, technical standards, processes, tools and risk management. · Defines, publishes and maintains processes for Security Governances, Risk and Compliance (GRC) for public cloud (AWS and Azure) · Define cyber...
