Information Security Analyst II

4 - 6 Years
Bengaluru
Not Disclosed by Recruiter
Posted: 14 days agoOpenings: 1Job Applicants: 482Job Views: 689

Job Description

Summary:

The Information Security Analyst II will support the security policies, practices, procedures, and technologies in order to ensure the protection of networks, systems, applications, and data. This role will be looked to as an information security expert within the organization, helping ensure corporate security controls are effective. This role will also be involved with day-to-day security operations by responding to security events of interest and recommending corrective action by working with IT and non-IT team members.

This job is responsible/accountable for supporting the processes and objectives of the Governance, Risk, and Compliance (GRC) function and Payment Card Industry (PCI) Compliance Program within the Information Security department.

Description

The Information Security Analyst II will support the security policies, practices, procedures, and technologies in order to ensure the protection of networks, systems, applications, and data. This role will be looked to as an information security expert within the organization, helping ensure corporate security controls are effective. This role will also be involved with day-to-day security operations by responding to security events of interest and recommending corrective action by working with IT and non-IT team members.


This job is responsible/accountable for supporting the processes and objectives of the Governance, Risk, and Compliance (GRC) function and Payment Card Industry (PCI) Compliance Program within the Information Security department.


Education


College degree: Management of Information Systems, Information Security, Business/Accountancy (auditing focus), related field, or equivalent experience


Experience

  • Experience with audits, controls, and PCI and/or ISOrequirements
  • Experience administering and creating workflows in GRC tools
  • Experience working in a highly-regulated environment

Preferred

  • Qualified and successful candidates will have at least2 years of experience working within information security or IT audit roles or 4-6 years in information technology.

Knowledge, Skills and Abilities

  • Working knowledge with IT security, compliance, and regulatory requirements, such as: Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), Healthcare Information Privacy Protection Act (HIPPA), state and Federal privacy laws
  • Advanced knowledge of IT security concepts.

Preferred

  • Certified Information Systems Auditor (CISA)
  • GIAC Security Essentials (GSEC)
  • Other Governance, Risk, Compliance, Audit, or Security certifications

Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to: Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), emerging state and Federal privacy laws, and general security auditing


Participate in a vulnerability management program that includes: external and internal vulnerability scans of applications and systems, external and internal penetration tests of applications and systems, the documenting and remediation of identified vulnerabilities and exploits, routinely monitoring various communication avenues for security vulnerabilities and security patches, taking a risk based approach comparing those security vulnerabilities and security patches across the operating environment, and making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities


Participate and represent the organization’s security interests in third party and customer contract reviews


Facilitate and manage the policy exception, risk acceptance, policy management and other GRC workflows within the security function


Additional Job Description


Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to: Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), emerging state and Federal privacy laws, and general security auditing


Participate in a vulnerability management program that includes: external and internal vulnerability scans of applications and systems, external and internal penetration tests of applications and systems, the documenting and remediation of identified vulnerabilities and exploits, routinely monitoring various communication avenues for security vulnerabilities and security patches, taking a risk based approach comparing those security vulnerabilities and security patches across the operating environment, and making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities


Participate and represent the organization’s security interests in third party and customer contract reviews


Facilitate and manage the policy exception, risk acceptance, policy management and other GRC workflows within the security function



Salary: Not Disclosed by Recruiter

Industry:IT-Software / Software Services

Functional Area:Other

Employment Type:Full Time, Permanent

Keyskills

Desired Candidate Profile

Please refer to the Job description above

Company Profile

CSG System International(India) Pvt Ltd

CSG International is a multinational corporation that provides Business Support Systems software and services. They pride themselves in helping communications and media service providers predict market changes and stay one step ahead.
View Contact Details+

Contact Company:CSG System International(India) Pvt Ltd

Reference Id:17186

Apply