Lead - Information Security
Trivandrum, Kerala, India
Envestnet
Explore our connected ecosystem of solutions, intelligence, and technologies that connect people’s daily lives with their long-term goals. See how we’re equipping advisors with the tools and resources needed to deliver the most impactful...
Roles and Responsibilities
- Serve as the primary point of contact for client security-related issues, escalating and resolving technical client escalation issues.
- They act as the Client Assurance Subject Matter Expert (CA SME) in collaboration with the Service Management (SM) team.
- Engage in and host client meetings to review deliverables, discuss requests, and provide high-level security expertise and support on existing controls and frameworks.
- Assist with client management aspects, including questionnaires, timely response to client queries, and concerns.
- Handle technical client escalation issues before reaching the Director CA, documenting and mitigating future escalations.
- Provide technical support during the entire audit process, including following up on audit findings for remediation.
- Proactively collect, document, and store evidence needed for client audits.
- Engage SMEs from different business units through quarterly meetings.
- Communicate client security control requirements to the SM team through regular training sessions.
- Proactively engage SMEs to update the evidence library with new information.
- Review FAQs for all business units annually and update with the latest information.
- Develop and maintain customer-facing Security overview presentations.
- Manage new vulnerabilities from external sources, internal penetration tests, or client notifications.
- Identify the impact of vulnerabilities and generate initial communications for clients.
- Attend real-time vulnerability calls for urgent issues and follow up on remediation progress.
- Update and respond to technical issues raised by the RFP team.
- Organize SharePoint folders for easy access to information and evidence.
- Manage Jira updates and maintain accuracy in the CA confluence space.
- Review and update the Client Assurance Standard Operating Procedure after consulting with the team.
- Coordinate SME support for client audits in collaboration with the CA Service Management team.
- Train teams on security controls and processes monthly, storing sessions in an easily accessible location.
- Educate the Service Management team on updates and new developments in the security space.
- Coordinate training opportunities from SMEs for the team to learn different security controls.
- Orchestrate the annual review with Compliance of company-wide Security information presentations.
- Support client-facing teams in sales meetings and client communications requiring security specialist support.
- Operate with urgency for fast turnaround in competitive situations.
- Engage in SOC operations threat tracking.
- Participate in incident management, change control meetings, and cloud migration initiatives.
- Ability to prioritize tasks, make quick decisions, and a strong understanding of security controls and governance.
- Bachelor’s degree in computer science, Engineering, Information Systems, Business, or other Information security disciplines OR 7+ years of relevant professional experience in Information Security or IT Risk Management.
- Desired: relevant information security certifications (e.g., CISSP, CISA, CISM, CRISC, or GIAC) and GRC tools.
- Understanding of legal and regulatory compliance standards and requirements against data and IT, including, CIS, FERPA, Payment Card Industry Data Security Standard (PCIDSS), ISO27001, NIST, and COBIT.
- Possess the verbal and written communication skills to work effectively with technical and non-technical personnel at various levels in the organization; Excellent interpersonal, verbal, and written communication, including good presentation skills.
- Can multi-task, communicate clearly, learn new technologies and processes, and provide support to process/solution owners.
- Can drive projects focused on continuous improvement and efficiencies in the organization. Is someone who takes initiative and doesn’t require continuous monitoring.
- Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
- Ability to understand technology, management, and leadership issues related to organization processes and problem-solving.
- Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
- Knowledge of information security program management and project management principles and techniques.
- Knowledge of products that protect systems, such as Intrusion Prevention Systems (host- and network-based), Firewalls, Security Event Management Systems, port scanning and vulnerability identification, monitoring, and logging mechanisms, etc.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
3
2
0
Category:
Leadership Jobs
Tags: Audits CISA CISM CISSP Cloud COBIT Compliance Computer Science Confluence CRISC Firewalls GIAC Governance Intrusion prevention ISO 27001 Jira Monitoring NIST PCI DSS RFPs Risk management SharePoint SOC Vulnerabilities
Region:
Asia/Pacific
Country:
India
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Security Officer jobsInformation Systems Security Officer jobsInformation System Security Officer jobsInformation Security Manager jobsSenior Network Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Specialist jobsSecurity Consultant jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Penetration Tester jobsCyber Security Specialist jobsSenior Cyber Security Engineer jobsIT Security Engineer jobsPrincipal Security Engineer jobsChief Information Security Officer jobsInformation System Security Officer (ISSO) jobsStaff Security Engineer jobsCloud Security Architect jobsIT Security Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsThreat Intelligence Analyst jobsCybersecurity Consultant jobsSystems Engineer jobs
GDPR jobsEDR jobsForensics jobsSaaS jobsEncryption jobsMalware jobsTop Secret jobsSplunk jobsSDLC jobsRMF jobsSQL jobsIDS jobsBash jobsIPS jobsDocker jobsIntrusion detection jobsDoDD 8570 jobsCompTIA jobsITIL jobsTerraform jobsOWASP jobsFinance jobsTCP/IP jobsCRISC jobsThreat detection jobs
Active Directory jobsUNIX jobsVPN jobsGIAC jobsClearance Required jobsAnsible jobsBanking jobsJavaScript jobsSANS jobsPolygraph jobsHIPAA jobsIT infrastructure jobsDNS jobsJira jobsOSCP jobsGCIH jobsMITRE ATT&CK jobsMachine Learning jobsData Analytics jobsCCSP jobsSOX jobsSOC 2 jobsSOAR jobsCISO jobsOracle jobs