Senior Analyst - Information Security
Trivandrum, Kerala, India
Envestnet
Explore our connected ecosystem of solutions, intelligence, and technologies that connect people’s daily lives with their long-term goals. See how we’re equipping advisors with the tools and resources needed to deliver the most impactful...Information Security – Client Assurance Service Management
- Coordinate Information Security support for prospect calls, ensuring swift responses in competitive scenarios.
- Manage the On-Call rotation schedule and Jira requests, ensuring proper ticket handling and effective communication with stakeholders.
- Handle initial assignment and reassignment of tickets, ensuring closure and professional engagement with the Security Analyst team.
- Coordinate client assessments, develop Project Plans, and review due diligence questionnaires.
- Communicate effectively with customers, promptly closing tickets with clear and professional responses.
- Identify and capture risk concerns, mapping audit evidence to NIST controls.
- Own all tickets coming into the client assurance portal, managing SLAs and completion of requests, including third-party risk and Vendor management reviews.
- Ensure all activities are properly documented, tickets are communicated professionally, and documentation is organized efficiently.
- Develop and document processes for the entire team, managing adherence to evolving requirements.
- Oversee day-to-day activities of the Client Assurance support resources, including Service Management and Security Analyst functions in the US and India.
- Work with HR, Compliance, Legal, Sales, and Engineering to ensure the team has the latest information for successful third-party audits.
- Own the tooling and management of processes related to Jira, Loopio, and other reporting or Audit tools, ensuring continuous improvement for the overall Information Security function.
- Responsible for new hire training and ongoing, up-to-date training for the larger Enterprise security team to meet compliance requirements.
- Assist with required governance, risk, compliance and audit tasks or activities such as assisting with audit evidence collection e.g., SOC2, SOC1, PCI, etc.
General Responsibilities
- Organize and update content on the Information Security page, facilitating access for new employees.
- Organize SharePoint folders for easy access to Service Management information.
- Review and update Client Assurance Standard Operating Procedure, ensuring alignment with the team's evolving needs.
- Schedule and lead monthly RFP meetings, providing guidance on process changes.
- Update the Client Assurance section of the weekly Control Report and present relevant information during management calls.
- Identify ongoing training for team members, staying informed about security conferences, and educating the team on relevant tools.
- Strong Communication (Verbal and Written) and presentation skills.
- Self-Starter that can effectively operate at a high level under limited supervision.
- Bachelor’s/master’s in engineering/Cybersecurity or equivalent.
- CISA, CISM, CISSP certifications would be an added advantage.
- Knowledge of NIST Risk Management Framework (RMF), GRC tools.
- Ability to prioritize tasks, make quick decisions, and a strong understanding of security controls and governance.
- 2 - 5 years of experience in a client service or ITGC auditee/auditor function handling complex requests and audit responses.
- Previous management experience would be a plus.
- A strong understanding of cybersecurity principles, concepts, and best practices.
- Familiarity with compliance frameworks or standards such as NIST, GDPR, SOC 1 and SOC 2, and PCI DSS service providers is an added advantage.
- Ability to understand prioritize and escalate tasks to resolve issues quickly and make decisions.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Category:
Analyst Jobs
Tags: Audits CISA CISM CISSP Compliance GDPR Governance Jira NIST PCI DSS RFPs Risk management RMF SharePoint SLAs SOC SOC 1 SOC 2 Vendor management
Perks/benefits: Conferences
Region:
Asia/Pacific
Country:
India
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Security Analyst jobsSenior Cloud Security Engineer jobsInformation System Security Officer jobsInformation Security Specialist jobsInformation Security Manager jobsSenior Cybersecurity Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsIT Security Engineer jobsSenior Penetration Tester jobsCyber Security Specialist jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsSystems Administrator jobsSystems Engineer jobsPrincipal Security Engineer jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsIT Security Analyst jobsCloud Security Architect jobsStaff Security Engineer jobsSecurity Operations Analyst jobsInformation Systems Security Engineer jobs
DevSecOps jobsKubernetes jobsEncryption jobsPowerShell jobsSaaS jobsIDS jobsEDR jobsSplunk jobsSDLC jobsIPS jobsSQL jobsRMF jobsTop Secret jobsIntrusion detection jobsBash jobsThreat detection jobsITIL jobsCompTIA jobsFinance jobsCRISC jobsOWASP jobsActive Directory jobsDoDD 8570 jobsDocker jobsBanking jobs
TCP/IP jobsUNIX jobsVPN jobsGIAC jobsSANS jobsHIPAA jobsTerraform jobsIT infrastructure jobsClearance Required jobsSOX jobsSOC 2 jobsOSCP jobsCISO jobsData Analytics jobsIndustrial jobsCCSP jobsJavaScript jobsDNS jobsSOAR jobsPolygraph jobsAnsible jobsMITRE ATT&CK jobsJira jobsCyber defense jobsCOBIT jobs