Lead Information Security Analyst

Mumbai, IN

Nomura

Nomura Holdings website. Group companies, news releases, services, CSR, IR, careers information.

View all jobs at Nomura

Apply now Apply later

Business Unit Overview:

 

Within the Global Information Security organization, the Security Risk and Control (SRC) function provides a structured framework for managing security across the organisation, aligning security efforts with business objectives, and ensuring compliance with regulatory requirements. Effective Security Risk and Control framework establishes policies, oversight of risk management and ensures adherence to relevant laws and industry standards.

 

 

 

 

 

 

 

 

 

Position Specifications:

 

Corporate Title

Associate

Functional Title

Lead Information Security Analyst

Experience

7 to 9 years

Qualification

Bachelor’s degree in engineering (Computer / Telecommunication), Computer Science / Information Technology or equivalent

Requisition No.

 

 

Job Summary:

 

We are seeking an experienced Information Security professional to join the Security Risk and Control team.  The ideal candidate will have a strong background in risk management, regulatory change management, compliance, and audit management.  This role requires a combination of technical expertise, excellent communication skills, and a thorough understanding of information security principles.
 

Role & Responsibilities:

 

Regulatory Management

 

  • Monitor and interpret regulatory changes affecting information security
  • Ensure compliance with relevant laws and regulations
  • Regulatory Change Management

 

Audit Management
 

  • Coordinate and manage audit exercises conducted by internal and external auditors, regulators, or external assessors
  • Liaise with various Information Security teams to prepare audit documentation and evidence
  • Liaise with the various Information Security Leads to address audit findings and tracking corrective actions for audit closure

 

Risk Management

 

  • Conduct comprehensive risk assessments to identify potential operational, financial, strategic and compliance risks
  • Analyse risk trends and emerging threats to provide insights for risk mitigation strategies
  • Work with cross-functional teams to ensure proper controls are in place to reduce risk exposure.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Requirements – Skills, Experience, and Certifications:

 

Technical Skills

 

  • Knowledge of regulatory frameworks and requirements (e.g., SEBI, RBI, MAS) and experience with regulatory compliance
  • Familiarity with security standards (e.g., CRI, ISO 27001, NIST)
  • In-depth understanding of information security principles and practices
  • Knowledge of current cyber threats and mitigation strategies

 

Soft Skills

 

  • Excellent communication and interpersonal skills
  • Strong analytical and problem-solving abilities
  • Ability to work independently and as part of a team
  • Detail-oriented with strong organizational skills
  • Ability to manage multiple tasks and projects simultaneously

 

Experience

 

  • 7-9 years of experience in information security, with a focus on risk management, regulatory change management, compliance, and audit management
  • Proven track record of managing and mitigating information security risks


Certifications

 

  • Information Security related professional certifications (e.g., Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), etc.)
     
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: CISA Compliance Computer Science CRISC ISO 27001 NIST Risk assessment Risk management

Region: Asia/Pacific
Country: India

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.