Senior Advisor

Mumbai, Maharashtra, India

WTW

Bei WTW bieten wir datengesteuerte, evidenzbasierte Lösungen in den Bereichen Mitarbeiter, Risiko und Kapital an.

View all jobs at WTW

Apply now Apply later

Summary:

As the Information Security Associate within the Business Security Operations (BusSecOps) team, you will be responsible for implementing and maintaining information & cyber security practices across WTW. 

Candidate would be required to gain a high-level of knowledge and understanding of critical technology applications and security standards.  You will need to take a leadership role in building security testing framework for web-based applications which includes Threat Profiling, DAST, SAST, Security Architecture, and Penetration testing. In this role, you are expected to understand the organization’s information & cyber security strategy and standards while working collaboratively with technology teams to implement and maintain sound security practices. 

This role resides in our Information & Cyber Security (ICS) team within Corporate IT.

 

Role:

Build and maintain effective relationship with technology teams and ICS stakeholders.

Foster a culture of information and cyber security best practices though awareness and support.

Stay up to date with the latest application security developments and security trends to continually improve internal processes.

Hold good understanding of Application & Infrastructure testing methodology & support development teams in the remediation of vulnerabilities.

Work with development teams to improve the secure software development lifecycle.

Engage in information security activities to support client/business engagements i.e., incidents, vulnerabilities, development lifecycles, risk management and emerging threats.

Ability to coordinate and execute security testing for applications and cloud environments.

Engage with key stakeholders to support internal and external audit activities to ensure compliance with regulations such as: SOC, FCA, NYDFS, GDPR, HIPAA.

Demonstrate a good understanding of security regulations and data privacy laws.

Support the risk identification & exceptions management process.

Manage and oversee adhoc projects related to maturing information and cyber security controls across the organization.

 

 

 

Requirements:

  • 3-5 years of experience in Information Security, Cyber Security, Application Security.
  • Significant experience in managing and patching vulnerabilities across a host of assets.
  • Expert understanding of all aspects of information security principles, policy and its application in business and technology areas.
  • Understanding of core cloud security principles.
  • Knowledge and experience on supporting information security audits.
  • Client focus: ability to engage positively with WTW clients and business stakeholders. 
  • Information Security specific certification is desirable (such as CISM, CISSP, CISA, CEH)
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  1  0

Tags: Application security Audits CEH CISA CISM CISSP Cloud Compliance DAST GDPR HIPAA ICS Pentesting Privacy Risk management SAST SDLC Security strategy SOC Strategy Vulnerabilities

Perks/benefits: Team events

Region: Asia/Pacific
Country: India

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.