Job title: Senior Information Security Analyst
POSITION SUMMARY:
The role of Senior Information Security Analyst is to assist the Global InfoSec team with Internal Technical Controls to conduct risk assessments analyzes and assessing vulnerabilities in the infrastructure (software, hardware, networks) to identify and document gaps or weaknesses in security controls to provide recommended solutions to address identified gaps.
The Senior Information Security Analyst is responsible for performing assessments, document findings, gathering IT audit evidence, developing reports or presentations and other key tasks during the assessment process.
Position : Senior Information Security Analyst
Reports to : Director, InfoSec GRC
Department : Information Security
Experience required : 4 – 7 years
Job Location : Bangalore, India (Hybrid model)
POSITION RESPONSIBILITIES:
- Review technical configurations from various operating systems and security solutions (Windows, Linux, AD, VMware, IDS/IPS, FIM, SIEM, WAF, AV, endpoint encryption, etc.) to determine/enhance the parameters to meet industry-accepted hardening standards such as NIST, CIS, SANS, etc.
- Manage automated vulnerability scanning tools and run against all on premise and cloud-based systems and applications
- Review security reports from various security technologies (vulnerability assessment reports, cyber security reports, audit reports, access privileges, etc.) to identify violations, intrusion attempts, or security weaknesses
- Review potential new service provider or outsourcing relationships for business units and provide advisory services for information security due diligence
- Participate in risk assessments of IT infrastructure and applications, document audit findings, maintain risk register and prepare draft reports.
- Performs security operation processes and procedures, including, but not limited to:
- maintenance of internal security and cyber security controls and policies
- security awareness training and phishing campaigns
- vulnerability assessments
- patch management for endpoints
- Participate in audits of IT systems, network or application architecture and business processes for compliance with best practices and/or regulatory requirements.
- Review policies, standards and procedures to ensure compliance with best practices and compliance with regulations.
- Develop materials and processes to assist the business with implementing both technical and non-technical controls.
Required Skills and Abilities:
- University degree in Computer Science, Information Technology or Cyber security related fields.
- Information security certifications such as CISSP, GIAC, CRISC, etc.
- Previous experience of 4-6 years specifically in the information security industry preferred
- Strong knowledge of technical configurations from various operating systems and security solutions (Windows, Linux, VMware, IDS/IPS, HIPS, FIM, SIEM, WAF, Cyber Security, encryption, etc.)
- Excellent proficiency in penetration testing, vulnerability scan tools, SIEM tools, network management, remote access and mobility security tools/control
- Ability to read technical and business documents with deep comprehension
- Ability to use active listening skills to identify key information and isolate areas for follow up
- Ability to document risk to IT systems and associated business processes including development of spreadsheets, reports and presentations
- Ability to identify policy compliance with regulatory/compliance requirements (e.g., PCI, HIPAA/HITRUST, SOC), information security frameworks and controls (e.g., NIST, ISO, CIS).
- Ability to develop policies, standards and baseline configurations
- Strong attention to detail and ability to document findings and convey information
- Ability to manage project deliverables and deadlines
- Ability to clearly communicate with co-workers, management, and vendors.
- Must be available for after-hours implementations, testing and support in a 24x7 technical business environment.
About [24]7.ai Innovation Labs:
[24]7.ai is a global leader in conversational AI and Customer Experience. We make it simple for consumers to connect with companies to get things done.
[24]7.ai is redefining the way companies interact with consumers. Using artificial intelligence and machine learning to understand consumer intent, [24]7.ai’s technology helps companies create a personalized, predictive and effortless customer experience across all channels. We provide customer engagement solutions for service and sales powered by a cloud platform that uses big data and predictive analytics to deliver business outcomes.
The world’s largest and most recognizable brands are using intent-driven engagement from [24]7.ai to assist several hundred million visitors annually, through more than 2.5 billion conversations, most of which are automated and learn from each consumer experience. We have one of the best work environments in Bangalore. The result is an order of magnitude improvement in digital adoption, customer satisfaction, and revenue growth.
[24]7.ai Headquartered in San Jose, California, USA with R&D centres in the US, Canada, India, Australia and sales offices in the US, Canada, UK, and Australia.
For more information, visit: www.247.ai/company
Do you want to help define the next generation of customer experience? Reshape how consumers interact and engage with businesses? Then, this role might be for you.
Does your profile matches to above Job description and looks exciting? Then look no further and share your resume to Arshad.s@247.ai
Read Full Description