Senior Infosec Auditor

Our CompanyChanging the world through digital experiences is what Adobes all about We give everyonexe2x80x94from emerging artists to global brandsxe2x80x94everything they need to design and deliver exceptional digital experiences Were passionate about empowering people to create beautiful and powerful images videos and apps and transform how companies interact with customers across every screen Were on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity We realize that new ideas can come from everywhere in the organization and we know the next big idea could be yours Job Requisition Senior InfoSec AuditorOur CompanyChanging the world through digital experiences is what Adobes all about We give everyonexe2x80x94from emerging artists to global brandsxe2x80x94everything they need to design and deliver exceptional digital experiences Were passionate about empowering people to craft beautiful and powerful images videos and apps and transform how companies interact with customers across every screen Were on a mission to hire the very best and are committed to building exceptional employee experiences where everyone is respected and has access to equal opportunity We realize that new ideas can come from everywhere in the organization and we know the next big idea could be yours The OpportunityAdobes Risk Advisory and Assurance Service RAAS function formally Global Audit is seeking an experienced Information Security professional to assess the design and effectiveness of Information Security Technology controls across Adobes technology landscape The candidate must have a good insight and understanding of the Technology and Cyber Security risks in line with regulatory and other compliance requirements This position will be based in Adobe s Bangalore Office What you will Do Work under the supervision of the RAAS Group Manager to plan scope and evaluate the design and efficiency of the internal controls On-prem and public Cloud Conduct Cyber Security Assessments including Security Architecture reviews Design and workflow assessments Configuration reviews Cloud Security Reviews VA PT and emerging risks such as ransomware Perform Information Security-related assessments to cover domains such as User Access Management Network OS and application Security Encryption Backup Management Disaster Recovery Training and awareness Evaluate and review the Security Architectures Designs and Cloud platform and supporting technologies Support the delivery and scaling of the SOX program Hands-on with the design and testing of IT General Controls ITGC IT App Business controls Assist with the development of project plans which include scope schedule cost quality organization communication staffing risk and issue management Present insightful dashboards and reports to demonstrate our overall risk posture to the management Stay abreast of Security trends emerging technology and cybersecurity field developments What you need to succeed Bachelor s or Masters in Information Systems Computer Science and Information Technology Minimum 3-5 years of experience in Information Security The candidate should hold a relevant credential such as CISA CISSP CRISC or CCSP Other certifications such as AWS Azure Architect and security specialty are a plus Experience in one or more of the following areas Application security Linux Windows system security Network Security Firewalls Switches Routers LAN WAN Security mobile device security wireless security cloud technologies IaaS SaaS environments etc and web technologies Experience with implementing and auditing security controls for Cloud environments AWS Azure Google Cloud etc is a must Familiarity with the Common Vulnerability Scoring System CVSS and other Vulnerability Management Databases e g CVE Solid understanding of information security Governance frameworks like COBIT NIST ISO 27001 and regulatory compliances like SOX GDPR PCI-DSS Capable of interpreting these requirements and translating them into relevant considerations for GRC processes risk management and controls Knowledge of vulnerability assessment and penetration testing Infrastructure Web Application Knowledge of Controls Automation and Continuous Monitoring practices Effective communication skills to cultivate positive collaboration with colleagues from diverse technical backgrounds Strong analytical and problem-solving skills incl the ability to research and simplify sophisticated situations Ability to prioritize multiple projects simultaneously and prioritize tasks to meet project timelines Good interpersonal oral written and presentation skills The candidate must be an excellent teammate self-motivated and have a can-do demeanor Ability and willingness to travel approx 10 At Adobe you will be immersed in an exceptional work environment that is recognized worldwide on Best Companies lists You will also be surrounded by colleagues who are committed to helping each other grow through our unique Check-In approach where ongoing feedback flows freely If youre looking to make an impact Adobe s the place for you Discover what our employees are saying about their career experiences on the Adobe Life blog and explore the important benefits we offer Adobe is an equal-opportunity employer We welcome and encourage diversity in the workplace regardless of gender race or color ethnicity or national origin age disability religion sexual orientation gender identity or expression or veteran status Adobe is proud to be an and affirmative action employer We do not discriminate based on gender race or color ethnicity or national origin age disability religion sexual orientation gender identity or expression veteran status or any other applicable characteristics protected by law Adobe aims to make Adobe com accessible to any and all users If you have a disability or special need that requires accommodation to navigate our website or complete the application process email or call 408 536-3015 Adobe values a free and open marketplace for all employees and has policies in place to ensure that we do not enter into illegal agreements with other companies to not recruit or hire each others employees