Security Control Assessor
5 months ago
Role/Job Title : Security Control Assessor
Function/ Department: Information Security Group
Job Purpose:
The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects, Application Owners & other Application Team members and other key stakeholders to ensure data-centric security and protection controls of the organization are designed by the technology team, and reviewed for design effectiveness from architecture security perspective. She/he is expected to be aware of new technologies, underlying secure configuration requirements, keep abreast of risks and corresponding secure configurations, and create and maintain ISG documents and versioning. The Security Controls Assessor/ Associate Security Architect is expected to review and assess the security of applications, APIs, enterprise solutions, and application architectures in design and during/before implementation. In the journey, while the vulnerabilities and security assessment/testing teams will independently be carrying out their tests, this role is expected to stay abreast of, and at times collaborate with these teams to improve the architecture security and application security aspects.
Roles & Responsibilities:
Act as project executive and carry out Annual Security Architecture Reviews/other projects as assigned to the team on annual basis. Follow up and carry out IDR requests with the Application IT. Owners/PMs/SPOCs, maintain escalation matrix and touch points. Conduct application security audits to identify and mitigate security. vulnerabilities in web applications, mobile applications, and other types of software. Perform API security audits/reviews to assess the security of APIs and ensure that they are properly designed and implemented. Conduct security reviews of enterprise solutions, such as Kafka and Apache NiFi, to identify and mitigate security risks. Develop and maintain security checklists and procedures for application security audits, API security audits, and enterprise security assessments. The Security Controls Assessor will also be plan, execute, and oversee: Develop security compliance processes and/or audits for external services (., cloud service providers, specific platforms, products, underlying infrastructure, . Review and provide inputs to update security documentation reflecting the application/system security design features as required. Track projects and reviews through management and maintenance of relevant findings, trackers, responses, and timelines from IT/implementation teams. Get initial understanding of the exception requirement by liaising with requestors and stakeholders, and present to the L1 Reviewers. Help maintain backup of Security Architecture Reviews (documentation and records) in centralized repository. Ensure end-to-end ownership of the raised issues/security risks, assignment of the ownership to various other teams (IT, Security Monitoring, . Follow up for pending/expired exceptions. Work in close liaison with Business and Info Sec team’s Security Operations. Work with developers and other IT staff to resolve security vulnerabilities and implement security improvements. Stay up to date on the latest security threats and vulnerabilities. Represent ISG Security Provision/Security Architecture teams in IT processes like Change Management and review for completeness of record evidence that may be incorporated into Application Go-live process by the Change Management team of IT.Education Qualification: Graduation: Bachelor’s in Engineering / Technology / Maths / Commerce / Arts / Science / Biology / Business / Computers / Management
Post-graduation: MBA / PGDM / Technology
Experience: 5 to 10 years of experience in Information/cyber security.
-
Security Control Assessor
6 months ago
Mumbai, India IDFC FIRST Bank Full time**Role/Job Title**: Security Control Assessor **Business**: Risk **Function/ Department**: ISG **Place of work**: Mumbai **Experience**: - 5+ years in Information/cyber security **Education**: - BE. B.tech, M,tech, MCA, BCA **Job Purpose**: The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects,...
-
Specialist-third party security assessor
4 weeks ago
Mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to...
-
Specialist-Third Party security Assessor
4 weeks ago
mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security AssessorFunction – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...
-
Specialist-Third Party security Assessor
4 weeks ago
Mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security AssessorFunction – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...
-
Specialist-Third Party security Assessor
4 weeks ago
mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure...
-
Specialist-Third Party security Assessor
4 weeks ago
Mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...
-
Specialist-Third Party security Assessor
4 weeks ago
Mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...
-
Specialist-Third Party security Assessor
4 weeks ago
Mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to...
-
Specialist-Third Party security Assessor
2 weeks ago
Mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security AssessorFunction – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...
-
mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to...
-
mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security GroupJob Purpose:The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to ensure that...
-
mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to...
-
Security Architect
6 months ago
Navi Mumbai, Maharashtra, India IDFC FIRST Bank Full timeRole/Job Title : Security Architect Function/ Department : Information Security Group Job Purpose : **Roles & Responsibilities**: Get initial understanding of the exception requirement by liaising with requestors and stakeholders, and present to the L1 Reviewers. Help maintain backup of Security Architecture Reviews (documentation and records) in...
-
Control Resiliency Assessor
6 months ago
Mumbai, Maharashtra, India Willis Towers Watson Full time**Job Summary** Control Resiliency team is a part of Global Strategy Governance, Risk & Compliance vertical. Current role will support the delivery of projects related control testing in the areas of Information & Cyber Security, Technology, Infrastructure etc. Conducting design adequacy and operating effectiveness testing of on-prem and cloud controls...
-
Security Architect
6 months ago
Navi Mumbai, India IDFC FIRST Bank Full timeRole/Job Title : Security Architect Function/ Department : Information Security Group Job Purpose : The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects, Application Owners & other Application Team members and other key stakeholders to ensure data-centric security and protection controls of the...
-
Cyber Security Strategist
1 month ago
Navi Mumbai, Maharashtra, India Eventus Security Full timeJob SummaryWe are seeking a highly skilled Senior Security Consultant with expertise in Red Teaming to enhance our security posture. The ideal candidate will specialize in simulating advanced cyber threats, identifying vulnerabilities, and providing actionable recommendations.Key ResponsibilitiesRed Team Operations:Plan and execute advanced red team...
-
Control Resilience Assessor
1 month ago
Mumbai, Maharashtra, India WTW Full time**Description**: Job Summary: Control Resiliency team is a part of Global Strategy Governance, Risk & Compliance vertical. Current role will support the delivery of projects related control testing in the areas of Information & Cyber Security, Technology, Infrastructure etc. Conducting design adequacy and operating effectiveness testing of on-prem and cloud...
-
Senior Security Consultant
1 month ago
navi mumbai, India Eventus Security Full timeWork Location: Ahmedabad & Navi Mumbai Job Summary: We are seeking a highly skilled and experienced Senior Security Consultant specializing in Red Teaming to join our dynamic security team. The successful candidate will play a crucial role in simulating advanced cyber threats, identifying vulnerabilities, and providing actionable recommendations to enhance...
-
Senior security consultant
1 month ago
Navi Mumbai, India Eventus Security Full timeWork Location: Ahmedabad & Navi MumbaiJob Summary:We are seeking a highly skilled and experienced Senior Security Consultant specializing in Red Teaming to join our dynamic security team. The successful candidate will play a crucial role in simulating advanced cyber threats, identifying vulnerabilities, and providing actionable recommendations to enhance our...
-
Senior Security Consultant
1 month ago
Navi Mumbai, India Eventus Security Full timeWork Location: Ahmedabad & Navi MumbaiJob Summary:We are seeking a highly skilled and experienced Senior Security Consultant specializing in Red Teaming to join our dynamic security team. The successful candidate will play a crucial role in simulating advanced cyber threats, identifying vulnerabilities, and providing actionable recommendations to enhance our...
