Lead Engineer

Job Description:

Security, Risk and Technology

Strong knowledge of financial services and insurance industry regulations around security and privacy including the Gramm-Leach-Bliley Act, State Privacy Laws, Health Insurance Portability and Accountability Act (HIPAA), Fair Credit Reporting Act, SEC Rules 17a-3 and 17a-4, and state security breach disclosure notification laws. Ability to relate these regulations back to security controls.
Understanding and application of information security standards and best practices including NIST Cybersecurity Framework, ISO 27001-4, CoBIT, Cloud Security Alliance, etc.
Ability to identify risks, quantify them, and help recommend and design mitigations.
Broad knowledge of Unix, Linux, Windows and mainframe server environments. Knowledge of various database platforms.
Strong knowledge of best practice processes and technologies across security domains especially related to identity and access management, network security, logging and monitoring.
Knowledge of at least one cloud services platform (Amazon Web Services, Microsoft Azure, Google
Cloud or Oracle Cloud)
Education / Experience:

Security, compliance, audit or risk covering a wide area of technologies and security domains including those previously mentioned.
Financial industry or highly regulated industry background (Insurance, Banking, etc.)
Project work experience with a recognized security, audit, or risk consulting firm a plus
CISSP, CISA, CISM or other security/control certifications a plus.
Bachelor’s degree or higher – preferably in Computer Science, Engineering, or a related scientific fields
Communication

Excellent verbal and written communication skills
Ability to develop and QA/oversee development of high quality project artifacts
Ability to collaborate, influence and communicate successfully in different ways concisely to different audiences (i.e., in business terms to business people, in technical terms to technical people)
Able to develop and present dashboards
Engagement

Proven ability to engage with customers (IT and Business) and consultants in a highly professional and competent manner.
Understanding and experience with project life cycles using proven methodologies – from analysis through implementation with hands-on deliverable development.
Ability to work in a matrix reporting environment
A practiced ability to influence peers, customers and project teams to make security minded decisions and changes
Ability to scope projects, developing project charters, requirements, documenting issues and work plans, vendor selection, product/process design and implementation, change management/communication a plus.

Qualifications:

Security, Risk and Technology

• Strong knowledge of financial services and insurance industry regulations around security and privacy including the Gramm-Leach-Bliley Act, State Privacy Laws, Health Insurance Portability and Accountability Act (HIPAA), Fair Credit Reporting Act, SEC Rules 17a-3 and 17a-4, and state security breach disclosure notification laws. Ability to relate these regulations back to security controls.
• Understanding and application of information security standards and best practices including NIST Cybersecurity Framework, ISO 27001-4, CoBIT, Cloud Security Alliance, etc.
• Ability to identify risks, quantify them, and help recommend and design mitigations.
• Broad knowledge of Unix, Linux, Windows and mainframe server environments. Knowledge of various database platforms.
• Strong knowledge of best practice processes and technologies across security domains especially related to identity and access management, network security, logging and monitoring.
• Knowledge of at least one cloud services platform (Amazon Web Services, Microsoft Azure, Google
• Cloud or Oracle Cloud)

Education / Experience:

• Security, compliance, audit or risk covering a wide area of technologies and security domains including those previously mentioned.
• Financial industry or highly regulated industry background (Insurance, Banking, etc.)
• Project work experience with a recognized security, audit, or risk consulting firm a plus
• CISSP, CISA, CISM or other security/control certifications a plus.
• Bachelor’s degree or higher – preferably in Computer Science, Engineering, or a related scientific fields

Communication

• Excellent verbal and written communication skills
• Ability to develop and QA/oversee development of high quality project artifacts
• Ability to collaborate, influence and communicate successfully in different ways concisely to different audiences (i.e., in business terms to business people, in technical terms to technical people)
• Able to develop and present dashboards

Engagement

• Proven ability to engage with customers (IT and Business) and consultants in a highly professional and competent manner.
• Understanding and experience with project life cycles using proven methodologies – from analysis through implementation with hands-on deliverable development.
• Ability to work in a matrix reporting environment
• A practiced ability to influence peers, customers and project teams to make security minded decisions and changes
• Ability to scope projects, developing project charters, requirements, documenting issues and work plans, vendor selection, product/process design and implementation, change management/communication a plus.

Location:

This position can be based in any of the following locations:

Chennai, Gurgaon

Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday