Associate Lead Consultant - Cyber Security Job

YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation.

At YASH, we’re a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single truth – bringing real positive changes in an increasingly virtual world and it drives us beyond generational gaps and disruptions of the future.

We are looking forward to hire Governance, Risk, and Compliance (GRC/IRM) Professionals in the following areas :

Description

The Cyber Security Consultant will be responsible for leading the development and implementation of a comprehensive Risk Management program.  The Security Consultant will be responsible for creating and maintaining our overall security architecture including cloud and network. Also responsible for applications security, Secure configuration & hardening, and organization security score platform.

Technical Skills

BitSight

• Daily monitoring and review of exposed credentials
• Weekly BitSight security findings, perform an analysis, and present the findings to the security Architecture and Engineering team, GRC team, and application stakeholders.
• Advise stakeholders on the identified potential security gaps and assist in remediating identified open gaps.
• Triaging, and addressing application security vulnerabilities as needed.
• Clean up the inactive domains on approval from domain owners
• Present findings to security leadership every week.
• Manage and follow the SOP documents as needed.

Job Responsibilities

• Create and maintain guidelines to support the development of secure software within CUSTOMER.
• Responsible for embedding security into CUSTOMER’s end-to-end software development practices/ DevSecOps.
• Excellent understanding of information security and risk frameworks/ standards ISO 27001/2, NIST 800 series, and CIS.
• Understanding of Secure configuration and Hardening
• Manage third-party audit activities related to infosec regulatory compliance
• Experience with internal controls, risk assessments, business processes and internal IT control testing or operational auditing
• Drive vulnerability Management program towards identification of threats on CUSTOMER assets through automated, and regularly scheduled scans of both external, and internal facing assets.
• Design and implement a comprehensive security strategy to deliver continuous improvements on our security infrastructure and systems security posture
• Perform risk assessment on new and existing third parties
• Knowledge of ITIL, NIST and other security frameworks and standards
• Has Knowledge robust Security knowledge across all security domains
• Outstanding organizational skills
• Has excellent stakeholder communication and collaboration skills
• Build and maintain strong relationships with cross-functional technical teams will also enable you to influence the way they view, navigate and remediate any potential security threats in their day-to-day activities.

Preferred Certifications

• Certified in Risk and Information Systems Control (CRISC),
• GIAC Security Essentials Certified (GSEC)
• Certified Information Systems Security Professional (CISSP)

At YASH, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. We leverage career-oriented skilling models and optimize our collective intelligence aided with technology for continuous learning, unlearning, and relearning at a rapid pace and scale.

Our Hyperlearning workplace is grounded upon four principles

• Flexible work arrangements, Free spirit, and emotional positivity
• Agile self-determination, trust, transparency, and open collaboration
• All Support needed for the realization of business goals,
• Stable employment with a great atmosphere and ethical corporate culture