Applicantz
Location
Delhi | India
Job description
THIS IS A LONG TERM CONTRACT-TO-HIRE POSITION WITH ONE OF THE LARGEST, GLOBAL, TECHNOLOGY LEADER. Remote Hybrid work. Our large, Fortune Technology client is ranked as one of the best companies to work with, in the world. The client fosters progressive culture, creativity, and a flexible work environment. They use cutting-edge technologies to keep themselves ahead of the curve. Diversity in all aspects is respected. Integrity, experience, honesty, people, humanity, and passion for excellence are some other adjectives that define this global technology leader.
As a Security Exception and Risk Engineer, you will implement tools, analyze and escalate risk, and develop scalable solutions to enhance Client’s Security Policy Exception process. Your primary responsibility would be to lead our policy exception process. This process includes day-to-day activities like reviewing policy exception submissions, determining risk, providing guidance on remediation, and assisting in implementing mitigating controls for Security Exceptions. If a risk can’t be remediated or mitigated, then exceptions should be escalated to the appropriate level of leadership for risk acceptance. On top of the day-to-day operations, this role will be responsible for delivering a security strategic initiative project to revamp our policy exception process and tooling. Responsibilities include: Delivering on Client's Security Policy Exception process revamp to reduce risk, provide stronger security guidance to employees, and provide risk-based reporting to leadership. This project reports to our Chief Security Officer. Lead the Policy Exception process by supporting day-to-day operations of analyzing, mitigating, and escalating exceptions as needed. Improve Client's ability to better protect its environment through the design, development, and implementation of security analytics, assessment, and correlation and response systems to effectively use Client's security investments. Education & Experience Bachelor's degree (B.Tech) in computer science or related field, or equivalent work experience working in cybersecurity. The preferred candidate will have 5-6 years’ experience in infrastructure security. Acceptable candidates will have 5-6 years general cybersecurity risk (all are encouraged to apply). Required Knowledge The preferred candidate will understand how to assess the impact from various risks along the NIST (National Institute of Standards and Technology) Cybersecurity framework. This includes but is not limited to: How to create a threat model. How control works to mitigate risk. Understand cloud-based technologies and how to secure them. The essentials of cybersecurity tools such as endpoint protection, vulnerability management, firewalls, and network segmentation. An understanding of common criteria such as OWASP (Open Web Application Security Project) top 10. Skills Desired Excellent analytical skills, organizational skills, ingenuity, and the ability to work as part of a team Excellent communication skills and ability to deal with conflict and lead negotiations. Advanced interpersonal skills to effectively promote ideas and collaboration at the various levels of the organizationJob tags
Salary
