Senior Analyst - Information Security

Trivandrum, Kerala, India

Envestnet

Explore our connected ecosystem of solutions, intelligence, and technologies that connect people’s daily lives with their long-term goals. See how we’re equipping advisors with the tools and resources needed to deliver the most impactful...

View all jobs at Envestnet

Apply now Apply later

Information Security – Client Assurance Service Management

  • Coordinate Information Security support for prospect calls, ensuring swift responses in competitive scenarios.
  • Manage the On-Call rotation schedule and Jira requests, ensuring proper ticket handling and effective communication with stakeholders.
  • Handle initial assignment and reassignment of tickets, ensuring closure and professional engagement with the Security Analyst team.
  • Coordinate client assessments, develop Project Plans, and review due diligence questionnaires.
  • Communicate effectively with customers, promptly closing tickets with clear and professional responses.
  • Identify and capture risk concerns, mapping audit evidence to NIST controls.
  • Own all tickets coming into the client assurance portal, managing SLAs and completion of requests, including third-party risk and Vendor management reviews.
  • Ensure all activities are properly documented, tickets are communicated professionally, and documentation is organized efficiently.
  • Develop and document processes for the entire team, managing adherence to evolving requirements.
  • Oversee day-to-day activities of the Client Assurance support resources, including Service Management and Security Analyst functions in the US and India.
  • Work with HR, Compliance, Legal, Sales, and Engineering to ensure the team has the latest information for successful third-party audits.
  • Own the tooling and management of processes related to Jira, Loopio, and other reporting or Audit tools, ensuring continuous improvement for the overall Information Security function.
  • Responsible for new hire training and ongoing, up-to-date training for the larger Enterprise security team to meet compliance requirements.
  • Assist with required governance, risk, compliance and audit tasks or activities such as assisting with audit evidence collection e.g., SOC2, SOC1, PCI, etc.

General Responsibilities

  • Organize and update content on the Information Security page, facilitating access for new employees.
  • Organize SharePoint folders for easy access to Service Management information.
  • Review and update Client Assurance Standard Operating Procedure, ensuring alignment with the team's evolving needs.
  • Schedule and lead monthly RFP meetings, providing guidance on process changes.
  • Update the Client Assurance section of the weekly Control Report and present relevant information during management calls.
  • Identify ongoing training for team members, staying informed about security conferences, and educating the team on relevant tools.
Requirements
  • Strong Communication (Verbal and Written) and presentation skills.
  • Self-Starter that can effectively operate at a high level under limited supervision. 
  • Bachelor’s/master’s in engineering/Cybersecurity or equivalent.
  • CISA, CISM, CISSP certifications would be an added advantage.
  • Knowledge of NIST Risk Management Framework (RMF), GRC tools.
  • Ability to prioritize tasks, make quick decisions, and a strong understanding of security controls and governance.
  • 2 - 5 years of experience in a client service or ITGC auditee/auditor function handling complex requests and audit responses.
  • Previous management experience would be a plus.
  • A strong understanding of cybersecurity principles, concepts, and best practices.
  • Familiarity with compliance frameworks or standards such as NIST, GDPR, SOC 1 and SOC 2, and PCI DSS service providers is an added advantage.
  • Ability to understand prioritize and escalate tasks to resolve issues quickly and make decisions. 
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0
Category: Analyst Jobs

Tags: Audits CISA CISM CISSP Compliance GDPR Governance Jira NIST PCI DSS RFPs Risk management RMF SharePoint SLAs SOC SOC 1 SOC 2 Vendor management

Perks/benefits: Conferences

Region: Asia/Pacific
Country: India

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.