Cloud Security Analyst - TISO
Location
Bangalore | India
Job description
JOB TITLE: Cloud Security Analyst - TISO
LOCATION: Bangalore About Unilever Be part of the world's most successful, purpose-led business. Work with brands that are well-loved around the world, that improve the lives of our consumers and the communities around us. We promote innovation, big and small, to make our business win and grow; and we believe in business as a force for good. Unleash your curiosity, challenge ideas and disrupt processes; use your energy to make this happen. Our brilliant business leaders and colleagues provide mentorship and inspiration, so you can be at your best. Every day, nine out of ten Indian households use our products to feel good, look good and get more out of life – giving us a unique opportunity to build a brighter future.
Every individual here can bring their purpose to life through their work. Join us and you'll be surrounded by inspiring leaders and supportive peers. Among them, you'll channel your purpose, bring fresh ideas to the table, and simply be you. As you work to make a real impact on the business and the world, we'll work to help you become a better you.
About Uniops Unilever Operations (UniOps) is the global technology and operations engine of Unilever offering business services, technology, and enterprise solutions. UniOps serves over 190 locations and through a network of specialized service lines and partners delivers insights and innovations, user experiences and end-to-end seamless delivery making Unilever Purpose Led and Future Fit.
Business Context and Main Purpose of the Role Unilever is one of the world's leading suppliers of Food, Home, and Personal Care products with sales in over 190 countries and reaching 3.4 billion consumers a day. Unilever has more than 400 brands found in homes around the world, including Persil, Dove, Knorr, Domestos, Hellmann's, Wall's, Ben & Jerry's, Marmite, Magnum, and Lynx. Faced with the challenge of climate change and the need for human development, we want to move towards a world where everyone can live well and within the natural limits of the planet. That's why our purpose as Unilever is 'to make sustainable living commonplace'.
At Unilever, we're determined to achieve a culture where everyone can thrive, a culture where all individuals are treated fairly and respectfully, and where their uniqueness is celebrated. We're taking a holistic approach that focuses on how we can use the scale and reach of our business to have the greatest impact in our own workplace and beyond. We've set clear goals to eliminate any bias and discrimination in our policies and practices, accelerate diverse representation in our leadership, and remove barriers for people with disabilities. At the same time, we're setting out to spend more with diverse businesses and increasing representation of diverse groups in our advertising. Find out more about our commitment to equity, diversity, and inclusion on our website.
Unilever's Cyber Security organization is a multi-disciplinary team responsible for protecting the Confidentiality, Integrity and Availability of our Information and Operations. Our Cyber Security organization runs a 24x7 Security Operations Centre (SOC), oversees a robust Security Architecture and associated technology landscape, provides Cyber Security Solution Engineering and Risk Advisory to our business, and assesses the security of our vast technology estate, including factories, to name but a few areas. Cyber Security sits as part of the Business Operations organizations, as a peer to Unilever's Technology and Data functions and the broad Supply Chain agenda. Cyber Security is tasked with elevating, reporting on and influencing enterprise cyber security risk mitigation across Unilever. The Cyber Security function is made up of the Governance, Risk, Assurance, and Compliance (GRAC) team, the Tech & Ops team, the TISO teams, TISO Teams, and the Office of the CISO.
Role Purpose This Technical Information Analyst role will support all Enterprise Application related projects and developments, assessing security controls and adherence to standard security baselines, such as CIS and NIST. The role will specifically focus on cloud related projects, though will also support other projects outside the cloud space. These activities will be conducted with a 'Risk and compliance based' approach to support technology programs, ensuring cyber risk is mitigated to the lowest possible level.
Role Summary A vacancy exists for Technical Information Security Analyst for Tech and Ops within Unilever's cyber function. The successful candidate will support Unilever in achieving and maintaining Cyber Security objectives, standards, awareness, and compliance, defined using a 'Risk and Compliance based' approach. This analyst position will report to the Technical Information Security Manager within the TISO Organization.
Key areas delivered by the TISO team that will be supported by this role's reporting will include:
- Cyber security solution evaluation, and risk advisory across Technical Service team which include Cloud – Azure and Google, network, collaboration services etc, assuring appropriate risk identification, assessment, mitigation plans, and reporting.
- Technical services provide core foundations services to UL, selected person will work with platforms team in technical services to make sure new service are designed with security consideration from inception.
- Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Ensuring the deployment and running of security tooling throughout the Tech & Ops lifecycles, in conjunction with the Cloud Cyber Security team.
- Developing and delivering risk reports for Directors and Platforms.
- Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture.
- Working knowledge in applying an organization's goals and objectives to develop and maintain architecture.
- Hands on experience in executing technology integration processes.
- Ability to understand build architectures and frameworks and to correlate with existing infrastructure and technologies.
- Tailoring cyber training and awareness across Security champions in alignment and partnership with the respective Training and Awareness Lead.
- Maintaining and effectively directing the timely closure of security exceptions while reporting status to the Governance, Risk, Assurance and Compliance (GRAC) team.
- Providing standards and controls feedback, based on local implementation requirements to the GRAC team to help attain global policies and standards.
- Partnering with regional TISOs to ensure appropriate cyber risk mitigation is ongoing for in scope business units.
- Basic Knowledge of basic system, network, and OS hardening techniques, computer networking concepts and protocols, and network security methodologies.
- Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- Working knowledge in handling cyber threats and vulnerabilities, and of specific operational impacts of cybersecurity lapses.
- Has good understanding of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities.
- Basics of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- Working knowledge in basics of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
- Basic working knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
- Developing reports via tools such as Power BI and Excel and working closely with the Risk and governance teams to stay ahead of the issues and activities.
Main Accountabilities - Responsible for supporting the TISO in data gathering, report creation, and presentation for Cloud Security under Technology and Operations.
- Responsible for supporting the TISO in cyber risk reporting from different CSP's, Businesses, and technologies.
Skills Key Skills and Relevant Experience - Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
- Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution.
- Excellent written and verbal communication skills and able to be understood by both technical and non-technical personnel. Ability to lead, develop, and work in a team.
- Skill in identifying and correlating Technologies and Operations aspects in IT Sec Arch designs that translate to proposed solutions.
- Working knowledge and experience in Cloud Cyber Security design and the implications in IAAS and PAAS structure.
- Important Ability to understand how a security system works (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
- Skill to identify cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations.
- Ability to manage conflicting priorities and multiple tasks.
- Stakeholder management and interpersonal skills at both a technical and non-technical level.
- Ability to work in a collaborative environment with international team members.
- Outstanding critical reasoning and problem-solving skills – sticking to the problem until it is resolved.
- Customer-orientated, whether responding to queries or delivering new services.
Experience - The role holder will need to have previously held a role in Cloud Cyber Security
- Experience driving a complex change agenda, and an ability to challenge the 'status quo'.
- Strong strategic and operational business awareness, with an understanding of the key drivers, levers, issues, and constraints of digital businesses.
- Experience within a customer focused environment.
Behaviours Candidates would be required to demonstrate the Unilever Standards of Leadership & live the Values through showing the following behaviors:
- Agility – Flexes leadership style and plans to meet changing situations with urgency. Learns from the past, envisions the future, has a healthy dissatisfaction with the status quo.
- Personal Mastery – Actively builds wellbeing and resilience in themselves and their team. Has emotional intelligence to take feedback, manage mood and motivations, and build empathy for others. Sets high standards for themselves and always brings their best self.
- Passion for High Performance – Inspires the energy needed to win, generating intensity and focus to motivate people to deliver results at speed.
At HUL, we believe that every individual irrespective of their race, colour, religion, gender, sexual orientation, gender identity or expression, age, nationality, caste, disability or marital status can bring their purpose to life. So apply to us, to unleash your curiosity, challenge ideas and disrupt processes; use your energy to make the world a better place. As you work to make a real impact on the business and the world, we'll work to help you become a better you!
Job tags
Salary
