Cyber Security Control Ops Analyst

Job description:

• Job Responsibilities

• He /She shall be responsible for execution of various Information & Cyber Security controls and processes, daily security monitoring tasks and various weekly /monthly security controls & reporting activities (such as monitoring access logs and security violations, analyzing user access requests and conducting periodic access reviews, data collation /analysis & reporting, managing various security control books and procedural documentations etc.).

• He /She shall be responsible for execution of controls related to Regulatory & Head Office guidelines and ensuring compliance to those, conducting investigations and reporting of security incidents. He/ She shall be involved in imparting security training and awareness sessions.

• He /She shall be responsible for execution of  various Security controls for the organization, and should be able to execute and improve the Security KRIs and appropriate reporting thereof.

• He /She shall be responsible to perform IT Security Risk assessments of new & existing processes, projects and applications / infrastructure.

• The incumbent shall be able to continuously analyse bank's information security program, implementation & execution of defined controls, and work towards sustained compliance to those and improvement of the same

Section: Knowledge,Skills,Experience & Qualifications

A & B. Knowledge & Skills:

• Detailed understanding of IT Security and Infrastructure practices, operations, standards and frameworks.

• Good working knowledge of performing IT Security risk assessments

• Good working knowledge of Identity & Access Mgmt (IAM) – user access reviews, related controls, system access matrix, RBAC etc.

• Good working knowledge of Data Protection & Security, DLP, data encryption etc.

• Good working knowledge of SIEM /SOC and /or other Security Monitoring Tools (such as NAC, NBAD, DAM etc).

• Good working knowledge of handling information/cyber security alerts & incidents.

• Good working knowledge in Vulnerability Assessments (VA /PT) and/or System Security Hardening and appropriate remediations.

• Fair understanding / Experience of working on Security Audits – would be preferred, but not mandatory.

• Good working knowledge on MS Office tools like Excel, Powerpoint would be essential. Should be well versed with various functions and data handling techniques in Excel.

• Ability to execute / implement Information Security Operations processes, and perform daily / weekly /monthly security controls and tasks.

• Ability to work on routine security activities as well complex technical security projects and initiatives.

• Proven track record in IS processes execution and enhancements.

C. Experience:

• Around 4 to 6 years of progressive experience in the field of Information & Cyber Security, including experience in either Data security, Access & Identity Management (IAM) or  Cyber Security, Security Controls & Operations in a global environment. Experience in BFSI or Banking environment would be preferred, but not mandatory.

D. Qualifications:

• Must have completed a Bachelor's degree (preferably BE / B.Tech.). A Master's degree in Information Systems will certainly be preferred.

Section: Certification – Select the relevant Certifications from the list below :

Any one or more of the below or other similar security related certifications:

• ISO 27001 Lead Implementer / Auditor

• Lead Auditor Certified from Reputed ISO Certification Body (such as BSI)

• Certified Information Systems Auditor (CISA)

• Certified Information Security Manager (CISM)

• Certified Information Systems Security Professional (CISSP)

Profile description:

The incumbent shall be responsible for the maintenance of Information Security policies & Procedures and related Implementation & Compliance adherence thereof. Execution of daily security controls /regular periodic processes (such as system/application log monitoring, user access reviews, data collation /analysis & reporting etc) would be a primary responsibility for this role.