Associate information security analystPosted: Sept. 26, 2023, 4:07 a.m. - Full Time - Noida
ROLE PURPOSE: Post: Associate Information Security Analyst
- (1 - 4 years in Risk Analysis / Compliance).
Please note this is not a VAPT role.
· The selected candidate is responsible for supporting the Senior Information Security and Privacy Program.
· It involves supporting, monitoring, and documenting the effectiveness of the program.
· This is a hands-on position that requires practical experience in the areas of information security, privacy, and audit & risk management.
· The candidate is responsible for executing defined security and privacy-related activities.
· The candidate also helps in the application of security policies and standards across the company, including software engineering, finance, operations, and IT.
· The ideal candidate should have 1 - 5 years of practical information security, Compliance, Audit and risk assessment (ISO 27001) experience in a regulated environment.
· CyberSRC Consultancy LLP has a dynamic work environment providing the opportunity for significant growth in knowledge and experience in the areas of information security, risk management & privacy.
· Keeping tab on implementation of various advisories/Patches/security update across all platforms and MIS/reporting.
· Record keeping for the purpose of compliance covering all types of IT/Info security audits.
· Responsible for update of the policies, procedures related to Information Security and privacy
· Weekly/Monthly advisory creation and dissemination across organization to educate users. The advisories will be based on Organization’s policies & latest development in cyber security and potential impact to Organization
· Maintaining policies/ procedures and other documentation.
· Responsible for performing all Security internal/external audits & IT risk assessment activities, tracking till closure
· Assist in conducting information security awareness sessions.
· Perform internal audits and ensure compliance against Clients policies and external laws.
· Assist the team in managing technology risk assessments, report on findings & and remediation plans and track status of projects.
· Interact with clients and support engagements in the areas of GRC, Security and Privacy related internal audits.
· Process reviews, standard operating procedures and risk managements .
· Assist in developing new solutions and methodologies for project deliverables.
· Prepare written deliverables and presentations.
Qualifications BE/ B.Tech/ MSc/ MCA equivalent.
Certifications: Lead Auditor ISO 27001 (mandatory requirement), Preferrable certifications (anyone) – CISM, CISSP, CEH, CompTia Security+
· Certification good to have: ISO/IEC 27001 LA.
· Good Knowledge of ISO 27001, ISO 27002, ISO 9001, ISO 22301.
· Basic knowledge of privacy laws such as GDPR and Personal Data Protection Bill.
· Security audits and assessments – information, network, application, etc.
· MS Office (Word, Excel, PowerPoint, Access).
· .Excellent organization, communication and presentation skills.
· Ability to multi-task.
· General professional writing proficiency.
· Experience In The Information Security and Audit Industry Is Preferred.
Thanks & Regards Pooja Pandey Human Resource Manager CyberSRC® Consultancy.
Personal: +91 8800350001 Website: http://www.cybersrcc.com/ Head Office: Noida: Unit 605, 6th floor, World Trade Tower, Tower-B, Noida, Uttar Pradesh (India) UK | INDIA