: Job Responsibilities
- He /She shall be responsible for execution of various Information Security controls and processes, daily security monitoring tasks and various weekly /monthly security controls & reporting activities (such as monitoring access logs and security violations, analyzing user access requests and conducting periodic access reviews, data collation /analysis & reporting, managing various security control books and procedural documentations etc.).
- He /She shall be responsible for execution of controls related to Regulatory & Head Office guidelines and ensuring compliance to those, conducting investigations and reporting of security incidents. He/ She shall be involved in imparting security training and awareness sessions.
- He /She shall be responsible for execution of various Security controls for the organization, and should be able to execute and improve the IT Security KRIs and appropriate reporting thereof.
- He /She shall be responsible to perform IT Security Risk assessments of new & existing processes, projects and applications / infrastructure.
- The incumbent shall be able to continuously analyse bank’s information security program, implementation & execution of defined controls, and work towards sustained compliance to those and improvement of the same.
A & B Knowledge & Skills:
- Good understanding of IT Security and Infrastructure practices, operations, standards and frameworks.
- Good knowledge of performing IT Security risk assessments
- Good working knowledge of Identity & Access Mgmt (IAM) – user access reviews, related controls, system access matrix, RBAC etc.
- Good knowledge of Data Protection & Security, DLP, data encryption etc.
- Good working knowledge of handling information security incidents.
- Good working knowledge in Vulnerability Assessments (VA /PT) and/or System Security Hardening and appropriate remediations – would be preferred, but not mandatory.
- Good working knowledge of SIEM tools and /or other Security Monitoring Tools, and handling Security Incidents. – would be preferred, but not mandatory.
- Fair understanding / Experience of working on Audits – data collation for Audits etc – would be preferred, but not mandatory.
- Good working knowledge on MS Office tools like Excel, Powerpoint would be essential. Should be well versed with various functions and data handling techniques in Excel.
- Ability to execute / implement Information Security Operations processes, and perform daily / weekly /monthly security controls and tasks.
- Ability to work on routine security activities as well complex technical security projects and initiatives.
- Proven track record in IS processes execution and enhancements.
C. Experience:
- At least 2 to 4 years of progressive experience in the field of Information & Cyber Security, including experience in either Data security, Access & Identity Management or IT / Cyber Security, Security Operations in a global environment. Experience in BFSI or Banking environment would be preferred, but not mandatory.
D. Qualifications:
- Must have completed a Bachelor’s degree (preferably BE / B.Tech.).