[24]7.ai
Location
Bangalore | India
Job description
Job title:
Senior Information Security Analyst – GRC-Vulnerability, Risk Assessment & Management POSITION SUMMARY : The role of Senior Information Security Analyst is to assist the Global InfoSec team with Internal Technical Controls to conduct risk assessments analyzes and assessing vulnerabilities in the infrastructure (software, hardware, networks) to identify and document gaps or weaknesses in security controls to provide recommended solutions to address identified gaps. The Senior Information Security Analyst is responsible for performing assessments, document findings, gathering IT audit evidence, developing reports or presentations and other key tasks during the assessment process. Experience required : 4 – 7 years Job Location : Bangalore, India (Hybrid model) Reports to : Director, InfoSec GRC Required Skills and Abilities : University degree in Computer Science, Information Technology or Cyber security related fields. Total experience of 4-7 years specifically in the information security industry is preferred Experience in Risk assessment – End to end Risk assessment, different Methodologies, framework, and difference between Threat, Risk & vulnerabilities. Good experience in End to end Risk management & its process. Good to have prior experience in Vulnerability scanning, penetration testing to analyses the reports. Able to manage enterprise risk assessment , different vulnerabilities assessments. Conducting information security training , training content. Being able to assign courses to individual. Good exposure in Audit Framework OR Information Security Standards – SOC-2, PCI-DSS Audits. Should have involved in SOC-2, PCI-DSS Audits. LIKE helped organization in obtaining the Audit certification. Information security certifications such as CISSP, GIAC, CRISC, CISA etc . Strong knowledge of technical configurations from various operating systems and security solutions (Windows, Linux, VMware, IDS/IPS, HIPS, FIM, SIEM, WAF, Cyber Security, encryption, etc.) Excellent proficiency in Risk assessment, penetration testing, vulnerability scan tools, SIEM tools, network management, remote access and mobility security tools/control Ability to read technical and business documents with deep comprehension Ability to use active listening skills to identify key information and isolate areas for follow up Ability to document risk to IT systems and associated business processes including development of spreadsheets, reports and presentations Ability to identify policy compliance with regulatory/compliance requirements (e.g., PCI, HIPAA/HITRUST, SOC), information security frameworks and controls (e.g., NIST, ISO, CIS). Ability to develop policies, standards and baseline configurations Strong attention to detail and ability to document findings and convey information Ability to manage project deliverables and deadlines Ability to clearly communicate with co-workers, management, and vendors. Must be available for after-hours implementations, testing and support in a 24x7 technical business environment. POSITION RESPONSIBILITIES: Perform Vulnerability Assessment of Enterprise IT Infra & Software application Participate in risk assessments of IT infrastructure and applications, document audit findings, maintain risk register and prepare draft reports. Review technical configurations from various operating systems and security solutions (Windows, Linux, AD, VMware, IDS/IPS, FIM, SIEM, WAF, AV, endpoint encryption, etc.) to determine/enhance the parameters to meet industry-accepted hardening standards such as NIST, CIS, SANS, etc. Manage automated vulnerability scanning tools and run against all on premise and cloud-based systems and applications Review security reports from various security technologies (vulnerability assessment reports, cyber security reports, audit reports, access privileges, etc.) to identify violations, intrusion attempts, or security weaknesses Review potential new service provider or outsourcing relationships for business units and provide advisory services for information security due diligence Performs security operation processes and procedures , including, but not limited to: o maintenance of internal security and cyber security controls and policies o security awareness training and phishing campaigns o vulnerability assessments o patch management for endpoints Participate in audits of IT systems, network or application architecture and business processes for compliance with best practices and/or regulatory requirements. Review policies, standards and procedures to ensure compliance with best practices and compliance with regulations. Develop materials and processes to assist the business with implementing both technical and non-technical controls. About [24]7.ai Innovation Labs: [24]7.ai is a global leader in conversational AI and Customer Experience . We make it simple for consumers to connect with companies to get things done. [24]7.ai is redefining the way companies interact with consumers. Using artificial intelligence and machine learning to understand consumer intent, [24]7.ai’s technology helps companies create a personalized, predictive and effortless customer experience across all channels. We provide customer engagement solutions for service and sales powered by a cloud platform that uses big data and predictive analytics to deliver business outcomes. The world’s largest and most recognizable brands are using intent-driven engagement from [24]7.ai to assist several hundred million visitors annually, through more than 2.5 billion conversations, most of which are automated and learn from each consumer experience. We have one of the best work environments in Bangalore. The result is an order of magnitude improvement in digital adoption, customer satisfaction, and revenue growth. [24]7.ai Headquartered in San Jose, California, USA with R&D centres in the US, Canada, India, Australia and sales offices in the US, Canada, UK, and Australia. For more information, visit: Do you want to help define the next generation of customer experience? Reshape how consumers interact and engage with businesses? Then, this role might be for you. Does your profile matches to above Job description and looks exciting? Then look no further and share your resume to [email protected]Job tags
Salary
