Senior Information Security Analyst

Function as the local point of contact and information security subject matter expert for Operational Security and Information Security initiatives being delivered across EMEA and APAC. This role will ensure security controls are robust and policies are being met through operational oversight of day-to-day activity, balanced risk assessment across all pillars using intelligence and business awareness.

Qualifications and skills (Required):

• Cloud experience
• Understanding of Windows/Linux/Network Devices Some level of exposure to any of the following security tools:
• Securonix
• Symantec Endpoint Protection
• Carbon Black (Response and protect)
• FireEye
• Symantec DLP
• Trellix
• IronPort
• SUMO
• Zscaler
• CyberArk
• Vulnerability scanning tools.

Qualifications and Experience (Preferred):

• Familiarity with foundational programming languages
• Degree in technology, cyber security or similar
• CISSP qualification

Role Responsibilities and Key Capabilities:

• At least 5 years of Information Security exposure, building on a technical understanding of Windows operating systems through a hands-on technical operation role.
• Serve as the Operational Security SME for both local and global technical teams across EUC, Servers and Networks on all platforms from Windows, Linux, and Network devices. Using security tooling currently employed within the business you will need to investigate across platforms using experience and awareness to understand vulnerabilities and system hardening (TVM), incident response and triage (Cybersecurity/SOC), data loss prevention (DLP), identity and access management (IAM) and privilege access management (PAM).
• Time spent on “BAU” OpSec activity. To ensure the health and hygiene of the environment you will be working across all pillars of the ISS (Information Security Services) security programme. ○ Working across all areas you will need to have a thorough understanding of all areas, delivering daily update calls for current state in time, before ensuring all actions are assigned within the team. ○ Operationally understand and deliver KRI (Key Risk Indictor) reports for senior leadership through the collaboration across all technical teams where Columbia Threadneedle has a technical presence for business delivery ■ Understand the use of patching mechanisms such as SCCM and Intune ■ Knowledge of report creation within ServiceNow Ability to build out formulas within Excel to cross verify and validate technical team controls. ■ ○ Delivery of Regulatory audit requirements for the business risk teams through coordination with the Risk team, internal team leadership and business system owners. This activity is completed to deliver audit evidence in an accepted format in a timely manner in parallel with lights on activity within the team. ○ Deep understanding of process and ability to not only act but able to put down process into operational guidelines. Able to follow process but also feedback potential gaps in the same to ensure continuous process improvement. ○ Ability to work independently to manage own workload in a well organised and analytical approach with a keen attention to detail. Operationally you will have a good understanding of business policy and with an ability to arrive at a non-technical understanding to deliver to those with less security understanding.  ○ ○ Ability to use PowerShell scripting, MS Office, and MS power tools (PowerBi, Power Query) necessary.
• Time spent on Vulnerability management: bility to take industry standards such as CIS (Center for Internet Security) along with vendor Security hardening baselines. Identify appropriate controls from these standards and communicate and collaborate with technical teams on a balanced approach on implementation to meet business policy. ○ ○ Ability to obtain and parse scan outputs from both IP360 and Flexera scan reports to dissect and identify opportunities to remediate risk items using a technical understanding of risks and compensating controls and how these affect the need to remediate. Where items have been identified, ticket within ServiceNow, identify appropriate teams to remediate through understanding for corporate structures. Should conflict arise, mediate between teams to push for resolution without a need to bring in leadership to assist with resolution. ○ Monitor external threat feeds and media information around latest Vulnerability information and through the understanding of CVE (Common Vulnerabilities and Exposures) and risk assessments, proceed with escalation only when the risk to the business is sufficient to react. Outputs will be clear and concise on risk and mitigation ○ Attend and feed into global TVM team operation and approach, putting forward not only the CTI (Columbia Threadneedle Investment) viewpoint and risks in the EMEA/APAC time zones but assist with delivery of a global operation for Vulnerability management for the wider bank.
• Time spent on Cybersecurity: Act as an EMEA/APAC InfoSec point of contact in the event of an internal incident as well as a coordinator for any Vendor incident. Working with both internal and external partners, through experience, coordinate and question the response in a balanced manner to both understand the risk and drive to an incident resolution. 
• Operate as part of the global SOC (Security Operations Center) operation on a regular basis, delivering on incident response for both the bank and CTI using securonix through both workflows and experiences as an information security SME. ○ Operate in a controlled manner to control the risk of actions when dealing with requests using sandboxes and internally controlled tooling. ○ Operate with a thorough understanding across all security tools available to investigate through to a risk based decision on next actions. Securonix ■ Symantec Endpoint Protection ■ Carbon Black (Response and protect) ■ FireEye ■ Symantec DLP ■ Trellix ■ IronPort ■ SUMO ■ Zscaler
• Time spent on Identity and Access Management (IAM) and Privileged Access Management (PAM): oordinate with the IAM and IAG global team on the successful delivery of regular quarterly reviews using the bank Aveksa system. ○ You will need an understanding of SQL queries against the back-end Database to obtain outstanding reviews in a timely manner. ○ Where reviews are not closed in a timely manner, you will coordinate with end users to coach, direct, and explain in non-technical terms the regulatory reason for the delivery of the reviews. Where resistance is faced, coordinate and act as a mediator between the user and the line manager to arrive at a successful review completion. ○ ○ Work within the PAM tool to provide governance over the Privileged Account Management Lifecyle.  You will coordinate with external business partners within alternate LOB (Line of Business) to complete the same reviews in a manual manner, both working within the OpSec the team tracking review responses, speaking to users, and submitting reviews on the user behalf.

About Our Company
Ameriprise India LLP has been providing client based financial solutions to help clients plan and achieve their financial objectives for 125 years. We are a U.S. based financial planning company headquartered in Minneapolis with a global presence. The firm’s focus areas include Asset Management and Advice, Retirement Planning and Insurance Protection. Be part of an inclusive, collaborative culture that rewards you for your contributions and work with other talented individuals who share your passion for doing great work. You’ll also have plenty of opportunities to make your mark at the office and a difference in your community. So if you're talented, driven and want to work for a strong ethical company that cares, take the next step and create a career at Ameriprise India LLP.

Ameriprise India LLP is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, genetic information, age, sexual orientation, gender identity, disability, veteran status, marital status, family status or any other basis prohibited by law.

Full-Time/Part-Time

Full time

Timings

(2:00p-10:30p)

India Business Unit

AWMPO AWMP&S President's Office

Job Family Group

Technology