Requirement of Compliance & Assessment Technical Lead @ Bangalore required in BengaluruEmployer: Technosoft Global Services Pvt Ltd
Industry: IT-Software, Software Services
Salary: ₹ Not Disclosed by Recruiter
Greetings from Technosoft…!!!
Immediate Requirement of Compliance & Assessment (Technical Lead) — Top notch client at Bangalore Location
Contact : Vani B (9182991774)
If your profile match to below JD, then Forward Your Updated CV to : Vani.B@technosoftcorp.com
- 4-10 years of industry experience in Governance Risk and Compliance domain (GRC).
- Strong third-party assessment skills to evaluation functional and technical capabilities.
- Independently assess information (cyber) security to determine functional and technical risks related to the use, processing, storage and transmission of information to and from those 3rd party entities that impact organizations globally.
- Conduct information security risk and vulnerability assessments (functional/technical) of 3rd party (including manufacturing plants) to identify vulnerabilities, risks, and protection needs in order to generate a risk rating and potential functional and technical mitigations.
- Review SOX, PICT, NIST CSF, ISO27001, COBIT, PCI and SANS Top 20 Critical Security Controls compliance reports, identifying remediation owners, and partnering with IT resources to develop remediation plan.
- Experience with Information Security Controls – Application development Controls, Secure SDLC audit or assessment experience and enterprise security policies and procedures assessment.
- Experience with developing test plans, mapping controls, reviewing evidences, assessments, perform GAP analysis and reporting.
- Effective ability to identify and assess the severity and potential impact of risks, and communicate risk assessment findings to risk owners outside Information Security.
- Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.
- Responsible for the operationally producing executive level reporting of clients top information security risks for various global audiences including the Information Security Risk Committee, the IT Risk Committee and various stakeholders and levels throughout the organization.
- Creating policies/procedures suiting Security Compliance standards.
- Responsible for driving enhancements in the GRC tool (Archeretc.) for managing and aggregating risks across the organization.
- Thorough understanding of IT infrastructure – Application and Network Security Requirements, Servers and User Systems Control Assessment (Windows, UNIX, distributed, mainframe systems).
- 6-10 years of industry experience in Endpoint Security for large enterprise environment.
- This role will require working in rotational shifts in 24X7 Security Operations environment.
- Hands on experience at L2L3 level with Security products for DLP, Enterprise Anti-VirusAnti-Malware, and Encryption.
Good understanding of Security Operational Procedures and Vulnerability Assessment.
- Experience and knowledge preferably on most of the following tools Symantec DLP, Symantec Endpoint Protection, Full Disk Encryption, Tripwire and Tanium.
Proven experience in handling policy management and signature updates for endpoint security solutions.
- Experience in managing multiple third party vendors in delivering security services.
- Remains current with new security vulnerabilities and key technologies and recommends changes or actions to management as appropriate
- Knowledge of multiple operating systems and applicable system administration skills (Windows, Solaris, Linux).
Good understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP, etc.
- Familiarity with Information Security Frameworks like ISO27001, HIPAA, PCI-DSS.
- Proficiency in a Linux command line environment (awk, sed, grep, etc.) or Windows equivalent (Powershell) to analyze log files and locate anomalies.
- Relevant certifications (CISSP/ CISA/ ISO 27001 LA/CISM) are a must.
- Ability to understand clients information security requirements to perform a comprehensive and effective controls testing for new applications introduced in the IT environment.
- Able to communicate with the users and technical teams, prior experience with working in offshore – onsite engagements model will be a plus.
MCA / BE / B Tech
- Experience : 4 to 10 Years
Job Location : Bangalore
To Schedule interview : If above Requirements matches to your profile can send your updated CV to : Vani.B @technosoftcorp.com and reach at 9182991774 (drop me a text message)*
Note : Ignore, if JD not matches to your profile & Do Refer to your Friends & Colleagues