Thanks for usingCareesma. Job Offer printed on the 21/02/2019.

Information Security Incident

Mumbai, Maharashtra

Placewell Consultant

Job Description

*Incident Management (75 %):
- Confirming whether reported incidents are actually security incidents
- Classifying the incident according to Organisations incident classification categories
- Managing security incidents to ensure they are confirmed, contained, and remediated in a timely manner
- Escalating incidents within Information Security when required
- Ensuring a root cause analysis is performed when appropriate
- Ensuring all required documentation is recorded
- Communicates alerts regarding intrusions and compromises to network infrastructure, applications and operating systems along with Data Leakage incidents.
- The candidate must have insight into industry trends, current attack techniques, threat intelligence .
- Constantly evaluate the ever-changing threat landscape, take feedback from stakeholders, clients to determine any gaps organization may have with their existing policies and programs

*Business As Usual (25%)
- Supporting business and clients requirements, including responding to client enquiries which come to the ad-hoc mailbox.
- Forwarding enquiries to the appropriate teams
- Undertaking such other tasks and responsibilities as assigned by the CISO / ISM

#Communications and Relationships:
- With the CISO, IT Security Directors and security team; Information Security Programme Manager and project managers, Risk & Compliance, Legal, Audit, IT, Procurement and other support functions as well as operational management and client-facing teams.
*External: Customers and suppliers

- Global Business Knowledge
- Cross-Cultural Resourcefulness
- Cross-Cultural Agility
- Assignment Hardiness
- Cross-Cultural Sensitivity
- Humility
- Conflict Management
- Organizational Agility
- Customer Focus
- Integrity and Trust
- Personal Learning

#Required Qualifications, Skills, Knowledge, Experience:
- Qualified to degree level, preferably in a business, IT or security related subject.
- Be interested in developing skills and knowledge in information security, and willing to work towards appropriate professional qualifications, such as Security+, CEH, CHFI & CISSP.
- Formal training in security, risk management or compliance is beneficial.
- Whilst this is not a hands-on technical role, the role holder will be expected to demonstrate a strong awareness of technology and how IT is used to enable business processes.
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks
- Ability to work with business, security, Legal, and IT representatives
- Ability to document and escalate Security Incidents including events, history, status, and potential impact
- Proven ability to work in global collaborative group environment
- Experience working with a high degree of autonomy, managing own workload and delivering to tight timescales
- Strong communication skills, both oral and written
- Strong organizational skills
- Basic understanding of global privacy and breach notification requirements
- Basic understanding of chain of custody and evidence preservation
- Strong IT and analytical skills
- A solid foundational understanding of TCP/IP and networks to include firewalls, routers, and ACLs
- Ability to convey security concepts related cyber security events to both technical and non-technical audiences
- Proactive rather than reactive
- Team player with good interpersonal skills
- Ability to work under pressure to tight timelines
- Organised and methodical
- Willing to challenge and desire to learn
- Good communication skills, both orally and in writing
- Ability to communicate and collaborate effectively with other team members in a geographic and culturally diverse workforce

- Knowledge of Security Incident categories, incident responses and handling methodologies
- Knowledge of systems and application security vulnerabilities Knowledge of what constitutes a network attack and the relation ship to both threats and vulnerabilities
- Knowledge of general attack stages (e.g., reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions)
- Knowledge and understanding of security and IT concepts
- Experience of working in an analytical role, with an ability to interpret data, prepare reports and undertake business support activities.
- Experience working as part of a business support function such as risk, compliance or information security in a large enterprise.
- Existing Information Security experience of Around 3 5 years
- IT security, service delivery, systems development or similar experience
- Demonstrable knowledge of security risk management tools, methodologies and practices
- Knowledge of security standards, frameworks, regulation and legislation
- Experience of managing own workload and delivering to tight timescales.
- Other relevant experience, e.g. IT audit / information assurance experience of working in a regulated environment, not necessarily insurance or financial services.

#Regulatory Requirements
*Other e.g. location / business specific inc. language skills etc.
- Fluent Business English essential.
- Other languages are an advantage.
- This role will be based in a geographic location appropriate to the needs of the business, and appropriate local language skills may be required.
- Some travel between offices may be required, including inte

Company Description

Having forged a strong network of corporate relations, with our ability to serve them for HR... requirements and training Programmes with our Expertise acquired through years, Finish assignments before deadlines, along with being accurate to the requirements, has made us a force in reckoning.   Read full description

Additional Information

Last updated:
Job type:
Full time
Position type:
Minimum experience:
Between three and five years
Compulsory Education
Jobs in Banking / Financial Services
Go to Top