Salary: Negotiate

Loading ...

Job content

JOB PURPOSE
This role will be focused on security operations’ delivery. Actively contribute in establishing a program to deter, detect and mitigate risks, including establishing capability to monitor and audit information, evaluate personnel security information, establish employee awareness, driving assurance test and supporting internal and external audits. Consult with Business to ensure balance is maintained with compliance to deliver the best security solution within the contractual, regulatory and CNX standard offering limits. Involvement in technical discussions and solutions to ensure best and the out-of-the-box ideas are disseminated to meet security with business. Responsible and accountable for performing the assurance testing like the security health check of the servers, network devices, vulnerability assessment of the infrastructure, ID Validation etc. to ensure the Corporate Security Standard is established and measured as per the requirement. Require results to be achieved through direct interaction as well as influencing other internal groups or individuals. Support incidence response as required
ORG LEVEL
Specialist I – CL – 9A / 9B
ACCOUNTABILITY
• To support multiple sites and co-ordinate non-compliances with DPEs to ensure balance of business with compliance
• Ensure regulatory requirements control objectives like PCI, FFIEC, HIPAA, SSAE16 are met at the location
• Accountable for managing security tools as required e.g. IPS, AV, Content Filter, Nessus Scanner, Nipper, TEM, PGP, FIM
• Performing proactive risk assessment and ensure corrective action are taken
• Perform weekly log review of TACACS, Firewalls (IES), IPS and ensure corrective action are taken
• Understand and able to interpret the contractual requirements for reviewing the business needs
• Approve business requirements based on risk assessment
AREAS OF RESPONSIBILITY
• Compliance to CNX Security standards
• Accountable for Security Calendar Activities like TCP/IP scanning, ID Validation, Health checks, Logs review, Anti-Virus management, Patch Management, Business Continuity needs, on schedule and ensure closure of all related tasks
• Monitor Ensure governance of IT Security processes & practices, operations’ delivery and take corrective action as required.
• Coordinating and Supporting CNX/Client/Internal/Standards (PCI, ISO 27001, SSAE16, APRA, FFIEC etc.) audits
• Gather Identify customer requirements/contractual obligations and ensure compliance at the location
• Understanding of the Global Security requirements, Regulatory, cross country laws, contract interpretation and maintain security & compliance while balancing the business requirement
• Support regulatory requirements PCI, FFIEC, HIPAA, SSAE16 at the location
• Support new solutions as required
• Ensure compliance to internal and client requirements during transition and during ramp down
• Performing proactive risk assessments
• Analyze, make recommendation and ensure Publishing dashboards on a regular basis
SKILLS & REQUIREMENTS
• Knowledge of Security Tools like Symantec Endpoint Protection, Nessus, IPS, Websense, SIEM, Content Filter, DLP and other security perimeter and network tools
• Ability to handle and analyze data security incidents and correlate them with relevant evidence as and when required
• Security Log Analysis and correlation and taking proper required action
• High level understanding of Windows security architectures (Domain, Trusts, Group Polices, Security Logs, Authentication etc), firewalls (ACLs, Logging, Authentication etc), routers (Routing, Redundancy, Failover, RADIUS Authentication etc) with relevant experience
• Basic understanding of UNIX Technologies (Linux etc.) like Installation, TCP/IP Configuration, IPTABLES, DNS etc will be an added advantage
• Risk Assessment and Auditing – Against Industry standard like ISO27001, Contractual Requirements and produce risk reports
• Good communication skill both verbal and written; Good English is mandatory
• Understand the business and client requirements and respond accordingly from the Security standpoint.
• Ability to provide solutions on day to day complex requirements
• Ability to think rationally on the business and client security requirements and address them
• A total of 6-10 years of relevant experience in field of IT / IT Security tools and technology.
CERTIFICATION(S) : Security certifications like Security+, CEH, CHFI, CISA, CISM, CISSP, ISO27001 is preferred but not mandatory.
Loading ...
Loading ...

Click to apply for free candidate

Apply

Loading ...
Loading ...

SIMILAR JOBS

Loading ...
Loading ...