Junior Information Security Analyst

POSITION SUMMARY:

• This position will give an opportunity to work for Information Security Governance on information systems, processes, and technologies within the organization.
• This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines, and US
• This position will report to the Senior Manager, Information Security and is expected to work independently on tasks assigned.
• This position requires:
  • Works on Vendor IT Security risk assessment/ Third Party Risk management/ IT Technical Assessment
  • Perform security reviews, evaluations, risk assessments, and monitoring on a regular basis to ensure exceptions and violations are identified and addressed.
  • Recommend appropriate corrective actions and remediation plans for risks identified.
  • Monitor Security posture and appraise Senior Leadership on the posture.
  • Conduct phishing campaigns that includes analysis of phishing emails and develop reports.
  • Experience in performing Security audits and Risk Assessments in line with Information Security Standards (like ISO 27001) for Business processes and IT systems.
  • Understanding on Legal & Regulatory requirements such as Data privacy, Intellectual property safeguards, Records Management etc.
  • Knowledge about latest regulations, compliance, standards, and procedures such as GLBA, SOX, ISO27000 Standards, CoBiT, etc.
  • Excellent verbal and written communication skills with a demonstrated ability to build and maintain relationships within the organization.
  • Strong proficiency in Microsoft Office applications (MS Excel, Word, PowerPoint etc.) with a general understanding of data analysis techniques

JOB FUNCTIONS AND RESPONSIBILITIES

 

• Perform IT security reviews, evaluations, risk assessments, and monitoring on a regular basis to ensure exceptions and violations are identified and addressed.
• Perform and oversee Information Security Policy Framework 
• Recommend appropriate corrective actions and remediation plans for risks identified.
• Assist in developing the implementation of risk mitigation measures.
• Work with the Business functions to ensure security standards are in-line with Onity’s risk management and information security policies.
• Plan and execute vendor IT and Security audit programs in-line with Onity’s risk management policies.

EDUCATION / EXPERIENCE

• 2-3 years of progressive experience in one or more of the following: internal/external IT and business process auditing, sourcing advisory, vendor management roles 
• Bachelor’s degree from an accredited college / university. Management degrees MS, M. Tech or MBA in relevant field would be an added advantage.
• Preferred Certifications 
  • CGEIT or CISM 
  • CISSP
• Demonstrated experience in conducting Risk Assessments for Vendors, Internal and External stakeholders.
• Experience in Information Security or demonstrated knowledge on Information Security Operations.
• Demonstrated experience in a multi-vendor environment.
• Demonstrated experience in Cloud Security assessments on various Cloud platforms such as AWS, Azure, Oracle etc.

Team handling experience

WORK SCHEDULE OR TRAVEL REQUIREMENTS 

2 PM to 11 PM