HCLTech
Location
Chennai | India
Job description
Job Description (Posting).
Senior Information Security Analyst: Job Description About Wells Fargo India Wells Fargo India enables global talent capabilities for Wells Fargo Bank NA., by supporting business lines and staff functions across Technology, Operations, Risk, Audit, Process Excellence, Automation and Product, Analytics and Modeling. We are operating in Hyderabad, Bengaluru and Chennai locations. Department Overview Wells Fargo views information security as enabling lines of business to mitigate information security risk in accordance with our risk appetite. Through a framework that addresses policy, process, operations, people, and technology, ICS protects our infrastructure, company data, and customer assets while ensuring alignment with applicable regulations and laws About The Role Wells Fargo is seeking a Senior Analyst (Individual Contributor) in the area of Information and Cyber Security for the Third Party Information Security Evaluations team. The role activities include assessing, testing, monitoring, and reporting on the adequacy, efficiency, and effectiveness of information security related controls for third party. Key Responsibilities Work and collaborate with third party service providers to assess information security risk in IT infrastructures, applications, and information security programs of varying sizes and complexities. Execute remote security assessments via questionnaires, as needed, and complete associated reports, and security plans. Review/analyze third party attestation and certification artifacts (SOC2, SIG, PCI DSS, Etc.) shared by third parties to identify the information security risks Document assessment results and write assessment report(s) for key stakeholders in conjunction with the Wells Fargo Information Security Risk Assessment Program. Provide subject matter expertise in the Third Party information security program and provide timely solutions to identified problems Work independently as the Third Party Assessment lead. Collaborate with the senior leader - Third Party Assessment management; US and internal stakeholders Analyze the data related to information security findings and present meaningful views to relevant stakeholders on the trends and patterns of control gaps. Required Qualifications 10+ years of experience working in Information Security Governance Risk and Compliance 4+ years of experience working in Third Party Information Security Assessment or Cyber Security Assessments Bachelor s and/or Master s degree in Computer Science or Information Systems Knowledge of security frameworks and regulations such as ISO 27001/27002, PCI DSS, COBIT, NIST, GLBA, GDPR One or more professional certifications like CISA or CISSP Exposure in Conducting Onsite or Remote Third Party Information Security risk evaluations Superior attention to detail with excellent written and verbal communication skills. Expertise in writing technical reports. Demonstrated critical thinking and analytical skills. Demonstrated experience in developing and presenting operational metrics. Strong understanding of information security domains and possesses a well-rounded technical background. Knowledge of operational risk, IT processes and systems Comfortable with making and presenting recommendations to a wide audience of stakeholders Stay informed and educated on current and potential security threats and attacks Ability to work with complex teams and have global experience, specifically US banks Desired Qualifications Demonstrated experience in stakeholder management Demonstrated experience of conflict resolution, negotiation and problem identification and solving skills. Demonstrated experience in managing complex projects related to information security Knowledge of Qualification B-Tech No. of Positions 1 Skill (Primary) Information Security-Security Assessments-Cyber Security Assessments Auto req ID 1353271BRJob tags
Salary
