Supply chain security/Information security
- Stefanini
- 5 - 8 years
- Noida, Gurugram
- 2 months ago
- Email to a friend
- Report this job
Job Description
The Information Security team member will augment the Supply Chain Security team and play an integral part in the development, implementation, and compliance of technical security across the enterprise. The candidate will be key contributor to ongoing security assessments of third-party tools and products and will regularly act as a voice of Information Security to business teams and management, building cyber security confidence in support of business development and governance processes.
Responsibilities
- Perform focused risks assessments of existing or new service providers, and technologies being introduced into the firms technology environment
- Provide governance and oversight over existing and new SaaS and IaaS products
- Influence the overall direction for securing infrastructure, applications and third parties service providers for the firm
- Communicate risk assessment findings to information security stakeholders or business partners and influences the risk mitigation
- Provide consultative advice to information security customers that enables them to make informed risk management decisions
- Performing assessments of new and existing Internet of Things (IoT) Deployments
- Identify appropriate controls to effectively manage information risks as needed
- Identify opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk
- Maintain strong working relationships with individuals and groups involved in managing information risks across the organization
- Support the documentation of Information Security Policies and Standards
- Security assessments of third-party software packages deployed on machines
- Perform vulnerability impact analysis of newly identified vulnerabilities of the firms critical service providers
Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include
- Strong documentation and process-oriented background with experience working on complex technology projects
- An ability to effectively influence others to account for the plans and collaborative behaviors for results
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner
- An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners in a way that influences optimum risk mitigation
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- Ability to react to high pressure dynamic changing environments
- Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part
- An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside ones network within an organization
- An ability to apply original and innovative thinking to produce new ideas and create innovative products, solutions, or approaches
- A discipline and interpersonal skills to work well in a global environment, complementing teams in multiple remote locations
Job Requirements
Details
Experience
- Degree in Business, Computer Engineering, Computer Science, Information Security, or a related field
- Working knowledge of data analysis techniques, including Excel, Python and basic SQL skills
- Experience with agile project management
- Knowledge of Azure security, AWS security, web security, including API and token security
- 5+ years Information Security experience
- 3+ years with risk advisory and senior management communication, metrics, collaboration to drive risk-based results
- 3+ years of experience with documenting, project management, written analysis for Information Security risk assessments
- 3+ years of experience in an Enterprise Risk Management and/or assessing controls within a Technology and/or Financial Services firm
- Experience with information security management frameworks (e.g., IS027001, COBIT, NIST 800)
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA)
- AWS, GCP, or Azure security certifications are a plus
Job Classification
Industry: IT Services & ConsultingFunctional Area / Department: IT & Information SecurityRole Category: IT Infrastructure ServicesRole: System AnalystEmployement Type: Full timeContact Details:
Company: StefaniniLocation(s): Noida, Gurugram+ View Contact
Keyskills: Supply chain Computer science Data analysis Staffing Project management Information security Risk assessment Outsourcing Financial services SQL
Fraud Alert to job seekers!
₹ Not Disclosed
Similar positions
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in