Security Control Assessor
1 month ago
Role/Job Title : Security Control Assessor
Function/ Department: Information Security Group
Job Purpose:
The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects, Application Owners & other Application Team members and other key stakeholders to ensure data-centric security and protection controls of the organization are designed by the technology team, and reviewed for design effectiveness from architecture security perspective. She/he is expected to be aware of new technologies, underlying secure configuration requirements, keep abreast of risks and corresponding secure configurations, and create and maintain ISG documents and versioning. The Security Controls Assessor/ Associate Security Architect is expected to review and assess the security of applications, APIs, enterprise solutions, and application architectures in design and during/before implementation. In the journey, while the vulnerabilities and security assessment/testing teams will independently be carrying out their tests, this role is expected to stay abreast of, and at times collaborate with these teams to improve the architecture security and application security aspects.
Roles & Responsibilities:
Act as project executive and carry out Annual Security Architecture Reviews/other projects as assigned to the team on annual basis. Follow up and carry out IDR requests with the Application IT. Owners/PMs/SPOCs, maintain escalation matrix and touch points. Conduct application security audits to identify and mitigate security. vulnerabilities in web applications, mobile applications, and other types of software. Perform API security audits/reviews to assess the security of APIs and ensure that they are properly designed and implemented. Conduct security reviews of enterprise solutions, such as Kafka and Apache NiFi, to identify and mitigate security risks. Develop and maintain security checklists and procedures for application security audits, API security audits, and enterprise security assessments. The Security Controls Assessor will also be plan, execute, and oversee: Develop security compliance processes and/or audits for external services (., cloud service providers, specific platforms, products, underlying infrastructure, . Review and provide inputs to update security documentation reflecting the application/system security design features as required. Track projects and reviews through management and maintenance of relevant findings, trackers, responses, and timelines from IT/implementation teams. Get initial understanding of the exception requirement by liaising with requestors and stakeholders, and present to the L1 Reviewers. Help maintain backup of Security Architecture Reviews (documentation and records) in centralized repository. Ensure end-to-end ownership of the raised issues/security risks, assignment of the ownership to various other teams (IT, Security Monitoring, . Follow up for pending/expired exceptions. Work in close liaison with Business and Info Sec team’s Security Operations. Work with developers and other IT staff to resolve security vulnerabilities and implement security improvements. Stay up to date on the latest security threats and vulnerabilities. Represent ISG Security Provision/Security Architecture teams in IT processes like Change Management and review for completeness of record evidence that may be incorporated into Application Go-live process by the Change Management team of IT.Education Qualification:
Graduation: Any Graduate
Post-graduation: MBA / PGDM / Technology
Experience: 5 to 10 years of experience in Information/cyber security.
-
Security Control Assessor
1 month ago
navi mumbai, India IDFC FIRST Bank Full timeRole/Job Title : Security Control Assessor Function/ Department: Information Security Group Job Purpose: The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects, Application Owners & other Application Team members and other key stakeholders to ensure data-centric security and protection...
-
Security Control Assessor
2 weeks ago
Navi Mumbai, Maharashtra, India IDFC FIRST Bank Full timeRole/Job Title : Security Control Assessor Function/ Department: Information Security Group Job Purpose: The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects, Application Owners & other Application Team members and other key stakeholders to ensure data-centric security and protection...
-
Security Control Assessor
7 days ago
Mumbai, India IDFC FIRST Bank Full time**Role/Job Title**: Security Control Assessor **Business**: Risk **Function/ Department**: ISG **Place of work**: Mumbai **Experience**: - 5+ years in Information/cyber security **Education**: - BE. B.tech, M,tech, MCA, BCA **Job Purpose**: The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects,...
-
mumbai, India WTW Full timeAbout CompanyWTW (NASDAQ: WTW) is in the business of people, risk and capital. With roots dating to 1828, our company has over 45,000 colleagues serving more than 140 countries and markets. Our values – client focus, teamwork, integrity, respect and excellence – underlie all that we do, including how we behave and interact with each other. They are part...
-
Mumbai, India WTW Full timeAbout CompanyWTW (NASDAQ: WTW) is in the business of people, risk and capital. With roots dating to 1828, our company has over 45,000 colleagues serving more than 140 countries and markets. Our values – client focus, teamwork, integrity, respect and excellence – underlie all that we do, including how we behave and interact with each other. They are part...
-
Mumbai, India WTW Full timeAbout Company WTW (NASDAQ: WTW) is in the business of people, risk and capital. With roots dating to 1828, our company has over 45,000 colleagues serving more than 140 countries and markets. Our values – client focus, teamwork, integrity, respect and excellence – underlie all that we do, including how we behave and interact with each other. They are part...
-
mumbai, India WTW Full timeAbout Company WTW (NASDAQ: WTW) is in the business of people, risk and capital. With roots dating to 1828, our company has over 45,000 colleagues serving more than 140 countries and markets. Our values – client focus, teamwork, integrity, respect and excellence – underlie all that we do, including how we behave and interact with each other. They are...
-
Mumbai, India WTW Full timeAbout Company WTW (NASDAQ: WTW) is in the business of people, risk and capital. With roots dating to 1828, our company has over 45,000 colleagues serving more than 140 countries and markets. Our values – client focus, teamwork, integrity, respect and excellence – underlie all that we do, including how we behave and interact with each other. They are part...
-
Information Systems Security Manager
2 weeks ago
Navi Mumbai, Maharashtra, India IDFC FIRST Bank Full timeJob Title: Specialist - Third-Party Security Assessor - Information Security GroupJob Purpose: The Third-Party Technology Risk Management team is responsible for overseeing risks associated with third-party vendors and suppliers on behalf of the organization. This role involves collaborating closely with vendor stakeholders to ensure the security of shared...
-
Controls Testing Assessor, Itgc
2 months ago
Mumbai, India Luxoft Full time**Project** Description**: **Responsibilities**: - Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness and operating effectiveness of IT and Cyber controls. - Contribute to the industrialization and automation of RISK ORM ICT control testing services by the development of methodologies/tools for the...
-
Controls Testing Assessor, Itgc
2 months ago
Mumbai, India Luxoft Full time**Project** Description**: **Responsibilities**: - Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness and operating effectiveness of IT and Cyber controls. - Contribute to the industrialization and automation of RISK ORM ICT control testing services by the development of methodologies/tools for the...
-
Controls Testing Assessor, Itgc
3 days ago
Mumbai, India Luxoft Full time**Project** Description**: **Responsibilities**: - Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness and operating effectiveness of IT and Cyber controls. - Contribute to the industrialization and automation of RISK ORM ICT control testing services by the development of methodologies/tools for the...
-
Controls Testing Assessor, Itgc
3 days ago
Mumbai, India Luxoft Full time**Project** Description**: **Responsibilities**: - Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness and operating effectiveness of IT and Cyber controls. - Contribute to the industrialization and automation of RISK ORM ICT control testing services by the development of methodologies/tools for the...
-
Information Systems Security Manager
1 week ago
Navi Mumbai, Maharashtra, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders to...
-
Information Systems Security Manager
1 month ago
Navi Mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders...
-
Information Systems Security Manager
3 weeks ago
navi mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor...
-
Information Systems Security Manager
1 month ago
navi mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor...
-
Information Systems Security Manager
4 weeks ago
Navi Mumbai, India IDFC FIRST Bank Full timeJob Title – Specialist-Third Party security Assessor Function – Information Security Group Job Purpose: The Third-Party Technology Risk Management team assumes primary responsibility for overseeing the risks linked to third-party vendors and suppliers on behalf of the bank. This role necessitates close collaboration with vendor stakeholders...
-
Controls Testing Assessor, Itgc
2 weeks ago
Mumbai, Maharashtra, India Luxoft Full timeProject Description**:Responsibilities: Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness and operating effectiveness of IT and Cyber controls. Contribute to the industrialization and automation of RISK ORM ICT control testing services by the development of methodologies/tools for the achievement of...
-
Security Architect
3 weeks ago
Navi Mumbai, India IDFC FIRST Bank Full timeRole/Job Title: Security ArchitectFunction/ Department: Information Security GroupJob Purpose:The Role would be responsible for working with the internal ISG stakeholders, Enterprise Security Architects, Application Owners & other Application Team members and other key stakeholders to ensure data-centric security and protection controls of the organization...
