Lead - Information Security
Trivandrum, Kerala, India
Envestnet
Explore our connected ecosystem of solutions, intelligence, and technologies that connect people’s daily lives with their long-term goals. See how we’re equipping advisors with the tools and resources needed to deliver the most impactful...
Roles and Responsibilities
- Serve as the primary point of contact for client security-related issues, escalating and resolving technical client escalation issues.
- They act as the Client Assurance Subject Matter Expert (CA SME) in collaboration with the Service Management (SM) team.
- Engage in and host client meetings to review deliverables, discuss requests, and provide high-level security expertise and support on existing controls and frameworks.
- Assist with client management aspects, including questionnaires, timely response to client queries, and concerns.
- Handle technical client escalation issues before reaching the Director CA, documenting and mitigating future escalations.
- Provide technical support during the entire audit process, including following up on audit findings for remediation.
- Proactively collect, document, and store evidence needed for client audits.
- Engage SMEs from different business units through quarterly meetings.
- Communicate client security control requirements to the SM team through regular training sessions.
- Proactively engage SMEs to update the evidence library with new information.
- Review FAQs for all business units annually and update with the latest information.
- Develop and maintain customer-facing Security overview presentations.
- Manage new vulnerabilities from external sources, internal penetration tests, or client notifications.
- Identify the impact of vulnerabilities and generate initial communications for clients.
- Attend real-time vulnerability calls for urgent issues and follow up on remediation progress.
- Update and respond to technical issues raised by the RFP team.
- Organize SharePoint folders for easy access to information and evidence.
- Manage Jira updates and maintain accuracy in the CA confluence space.
- Review and update the Client Assurance Standard Operating Procedure after consulting with the team.
- Coordinate SME support for client audits in collaboration with the CA Service Management team.
- Train teams on security controls and processes monthly, storing sessions in an easily accessible location.
- Educate the Service Management team on updates and new developments in the security space.
- Coordinate training opportunities from SMEs for the team to learn different security controls.
- Orchestrate the annual review with Compliance of company-wide Security information presentations.
- Support client-facing teams in sales meetings and client communications requiring security specialist support.
- Operate with urgency for fast turnaround in competitive situations.
- Engage in SOC operations threat tracking.
- Participate in incident management, change control meetings, and cloud migration initiatives.
- Ability to prioritize tasks, make quick decisions, and a strong understanding of security controls and governance.
- Bachelor’s degree in computer science, Engineering, Information Systems, Business, or other Information security disciplines OR 7+ years of relevant professional experience in Information Security or IT Risk Management.
- Desired: relevant information security certifications (e.g., CISSP, CISA, CISM, CRISC, or GIAC) and GRC tools.
- Understanding of legal and regulatory compliance standards and requirements against data and IT, including, CIS, FERPA, Payment Card Industry Data Security Standard (PCIDSS), ISO27001, NIST, and COBIT.
- Possess the verbal and written communication skills to work effectively with technical and non-technical personnel at various levels in the organization; Excellent interpersonal, verbal, and written communication, including good presentation skills.
- Can multi-task, communicate clearly, learn new technologies and processes, and provide support to process/solution owners.
- Can drive projects focused on continuous improvement and efficiencies in the organization. Is someone who takes initiative and doesn’t require continuous monitoring.
- Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
- Ability to understand technology, management, and leadership issues related to organization processes and problem-solving.
- Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
- Knowledge of information security program management and project management principles and techniques.
- Knowledge of products that protect systems, such as Intrusion Prevention Systems (host- and network-based), Firewalls, Security Event Management Systems, port scanning and vulnerability identification, monitoring, and logging mechanisms, etc.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
3
2
0
Category:
Leadership Jobs
Tags: Audits CISA CISM CISSP Cloud COBIT Compliance Computer Science Confluence CRISC Firewalls GIAC Governance Intrusion prevention ISO 27001 Jira Monitoring NIST PCI DSS RFPs Risk management SharePoint SOC Vulnerabilities
Region:
Asia/Pacific
Country:
India
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Systems Security Officer jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsSenior Network Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Specialist jobsSecurity Consultant jobsSenior Information Security Analyst jobsSenior Penetration Tester jobsSecurity Specialist jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsIT Security Analyst jobsPrincipal Security Engineer jobsInformation System Security Officer (ISSO) jobsStaff Security Engineer jobsCloud Security Architect jobsCyber Security Architect jobsSecurity Operations Analyst jobsSenior Information Security Engineer jobsSystems Administrator jobsThreat Intelligence Analyst jobs
GDPR jobsSaaS jobsForensics jobsEncryption jobsMalware jobsTop Secret jobsEDR jobsSDLC jobsSplunk jobsRMF jobsSQL jobsIDS jobsIPS jobsBash jobsCompTIA jobsIntrusion detection jobsDoDD 8570 jobsDocker jobsThreat detection jobsFinance jobsITIL jobsOWASP jobsTCP/IP jobsTerraform jobsActive Directory jobs
VPN jobsCRISC jobsGIAC jobsUNIX jobsClearance Required jobsIT infrastructure jobsBanking jobsSANS jobsJavaScript jobsPolygraph jobsAnsible jobsHIPAA jobsJira jobsDNS jobsMITRE ATT&CK jobsSOX jobsOSCP jobsCCSP jobsData Analytics jobsMachine Learning jobsSOC 2 jobsSecurity strategy jobsSOAR jobsGCIH jobsCISO jobs