
Opening for Information Security Officer (Full-time)

at Easiprocess Pvt Ltd in Bangalore (Published on 16-01-2015)

Key Responsibility Areas:

• Analyze security events coming from various security / monitoring tools and applications, and track them to completion
• Eliminate false positives; triage significant security events based on the impact and nature of the security incident, and escalate according to the established procedures
• Produce / review various security reports of key security controls, identify anomalies, escalate critical security events to the appropriate stakeholders and follow up as required.
• Perform routine enterprise-wide vulnerability scanning and follow up on remediation efforts
• Ensure compliance with Data Privacy in the projects and functions.
• Configure DLP rules and manage DLP product.
• Review the effectiveness of the various controls implemented and recommend changes / additional controls to mitigate potential security weaknesses / vulnerabilities
• Record detailed Security Incident Response activities in the approved format and report to relevant forums
• Ensure the accuracy and integrity of information throughout reporting
• Produce weekly, monthly, etc. security dashboards and detailed inputs where applicable
• Coordinate and document Disaster Recovery procedures / processes for OSB IT services
• Represent / Support IT Senior Management on Risk / Compliance / Audit committees

ISO 27001 responsibilities

• Review, analyze and escalate the information security incidents reported in the organization.
• Arrange quarterly internal audits and follow up on previous internal audit CAPA with relevant department heads
• Coordinate quarterly Management Review Meetings (MRMs) and present the quarterly reports. Document meeting minutes and follow up on / track open action items
• Arrange for an independent systems audit and the resolution of security-related issues reported by the systems audit
• Review / coordinate monthly reports on antivirus, backups, firewall logs and critical systems access logs, based on various policies and procedures as per ISO 27001 standards and controls
• Incident Response Management and reporting
• Initiate and carry out risk assessments as per the risk assessment plan and report to the CISO.
• Maintain the Business Continuity Plans (BCP) of the organisation
• Conduct periodic BCP checks and submit reports and recommendations at MRMs.


SKILL SET

• Should have knowledge of information security, related business processes and control objectives, and possess analytical skills for risk assessment regarding threats and vulnerabilities to the organization's information assets.
• Sound knowledge of the network stack and security components like firewalls, IPS/IDS, and other security tools for Application Security Testing.
• Vulnerability Assessment & Penetration Testing for OS, web-based applications & network devices.
• Candidate must have exposure to ISO 27001 standards / PCI compliance & audit process.
• Experience with various security / auditing tools will be an added advantage
• An ideal candidate should have one or more security certifications listed below:
o GIAC
o CISSP
o SSCP
o CAP
o CompTIA Security+
o ISO 27001 Registered Auditor
o ISEB Practitioner in IRM

Experience:

An ideal candidate must have 4+ years of relevant experience, preferably in the banking and finance domain in the UK.


Note: Applications have been closed.

