Information Security Analyst (Business Security Operations)
Wtw Global Delivery And Solutions
Location
Mumbai | India
Job description
As the Information Security Associate within the Business Security Operations (Bus Sec Ops) team, you will be responsible for implementing and maintaining information cyber security practices across WTW.
Candidate would be required to gain a high-level of knowledge and understanding of critical technology applications and security standards.
You will need to take a leadership role in building security testing framework for web-based applications which includes Threat Profiling, DAST, SAST, Security Architecture, and Penetration testing.
In this role, you are expected to understand the organization s information cyber security strategy and standards while working collaboratively with technology teams to implement and maintain sound security practices.
This role resides in our Information Cyber Security (ICS) team within Corporate IT.
Responsibilities Duties
Build and maintain effective relationship with technology teams and ICS stakeholders
Foster a culture of information and cyber security best practices though awareness and support
Stay up to date with the latest application security developments and security trends to continually improve internal processes
Hold good understanding of Application Infrastructure testing methodology support development teams in the remediation of vulnerabilities
Work with development teams to improve the secure software development lifecycle
Engage in information security activities to support client/business engagements ie, incidents, vulnerabilities, development lifecycles, risk management and emerging threats
Ability to coordinate and execute security testing for applications and cloud environments
Engage with key stakeholders to support internal and external audit activities to ensure compliance with regulations such as: SOC, FCA, NYDFS, GDPR, HIPAA
Demonstrate a good understanding of security regulations and data privacy laws
Support the risk identification exceptions management processManage and oversee adhoc projects related to maturing information and cyber security controls across the organization
Technical Skills:
Degree in a relevant Information Technology area preferably with a focus on information security
Significant experience in managing and patching vulnerabilities across a host of assets
Expert understanding of all aspects of information security principles, policy and its application in business and technology areas
Understanding of core cloud security principles
Knowledge and experience on supporting information security audits
Education Qualification : Degree in a relevant Business or Information Technology area
