upGrad
Location
Mumbai | India
Job description
upGrad
is South Asias largest higher EdTech company. With the latest technology, pedagogy, industry partners and world-class faculty, we create immersive online learning experiences for our learners globally. Back in 2015, our founders noticed that the rapidly evolving industry required professionals to continuously upskill themselves as learning for professionals comes to a halt after entering a working space. This was when upGrad was formed to impact the lives of working professionals by helping them upskill while they work. With an endeavour to facilitate quality education to the future workforce through our UG and PG programs, we continue to build online learning as interactive as a classroom setup. We are seeking a highly motivated and experienced individual to join our team as a Senior Associate in the Information Security Risk Assessment domain. As a key member of our Information Security team, you will be responsible for evaluating and managing potential security risks to our organization's sensitive data, systems, and infrastructure. Your expertise will play a critical role in ensuring the confidentiality, integrity, and availability of our digital assets. Role & responsibilities Conduct comprehensive risk assessments on Cloud, SaaS, App & On-premise Infra to identify vulnerabilities and potential threats to our information systems and data. Collaborate with cross-functional teams to analyse security measures and propose effective risk mitigation strategies. Develop and maintain risk assessment methodologies, frameworks, and documentation to ensure consistent and accurate evaluations. Stay updated on industry best practices, emerging threats, and regulatory compliance requirements to continuously enhance the organization's security posture. Lead the planning, execution, and reporting of security assessments on various IT systems, applications, and network infrastructure. Provide guidance and mentorship to junior team members, sharing your knowledge and expertise in risk assessment methodologies and information security practices. Collaborate with internal and external stakeholders to communicate risk assessment findings, recommendations, and remediation plans. Participate in the design and implementation of security controls, policies, and procedures to prevent and mitigate security risks. Assist in incident response and investigation efforts, as needed, to address security incidents and breaches. Participate in third-party vendor risk assessments to ensure compliance with security standards and contractual agreements. Preferred candidate profile Bachelor's degree in Information Security, Computer Science, or a related field. Master's degree is a plus. Professional certifications such as CISSP, CISM, CRISC, or equivalent. Proven experience (5+ years) in information security risk assessment, preferably in a complex and dynamic organizational environment. In-depth understanding of risk assessment methodologies, frameworks, and industry standards. Strong knowledge of IT security technologies, protocols, and practices. Proficiency in conducting security assessments, vulnerability assessments, and penetration testing. Excellent analytical and problem-solving skills, with the ability to prioritize and manage multiple tasks effectively. Strong communication skills to convey complex technical information to both technical and non-technical stakeholders. Experience with security tools such as vulnerability scanners, SIEM, and penetration testing tools. Knowledge of regulatory requirements such as GDPR, or industry-specific regulations & standards like ISO 27001 A proactive approach to staying updated with the latest cybersecurity threats and trends. Ability to work both independently and collaboratively within a team.Job tags
Salary
