Cyber Security Control Ops Analyst

• Job Responsibilities

  • He /She shall be responsible for execution of various Information & Cyber Security controls and processes, daily security monitoring tasks and various weekly /monthly security controls & reporting activities (such as monitoring access logs and security violations, analyzing user access requests and conducting periodic access reviews, data collation /analysis & reporting, managing various security control books and procedural documentations etc.). 

  • He /She shall be responsible for execution of controls related to Regulatory & Head Office guidelines and ensuring compliance to those, conducting investigations and reporting of security incidents. He/ She shall be involved in imparting security training and awareness sessions.

  • He /She shall be responsible for execution of  various Security controls for the organization, and should be able to execute and improve the Security KRIs and appropriate reporting thereof. 

  • He /She shall be responsible to perform IT Security Risk assessments of new & existing processes, projects and applications / infrastructure.  

  • The incumbent shall be able to continuously analyse bank’s information security program, implementation & execution of defined controls, and work towards sustained compliance to those and improvement of the same

  Section: Knowledge,Skills,Experience & Qualifications

  A & B. Knowledge & Skills:

  • Detailed understanding of IT Security and Infrastructure practices, operations, standards and frameworks.

  • Good working knowledge of performing IT Security risk assessments

  • Good working knowledge of Identity & Access Mgmt (IAM) – user access reviews, related controls, system access matrix, RBAC etc. 

  • Good working knowledge of Data Protection & Security, DLP, data encryption etc.

  • Good working knowledge of SIEM /SOC and /or other Security Monitoring Tools (such as NAC, NBAD, DAM etc).

  • Good working knowledge of handling information/cyber security alerts & incidents. 

  • Good working knowledge in Vulnerability Assessments (VA /PT) and/or System Security Hardening and appropriate remediations. 

  • Fair understanding / Experience of working on Security Audits – would be preferred, but not mandatory. 

  • Good working knowledge on MS Office tools like Excel, Powerpoint would be essential. Should be well versed with various functions and data handling techniques in Excel. 

  • Ability to execute / implement Information Security Operations processes, and perform daily / weekly /monthly security controls and tasks.

  • Ability to work on routine security activities as well complex technical security projects and initiatives.

  • Proven track record in IS processes execution and enhancements. 

  C. Experience:

  • Around 4 to 6 years of progressive experience in the field of Information & Cyber Security, including experience in either Data security, Access & Identity Management (IAM) or  Cyber Security, Security Controls & Operations in a global environment. Experience in BFSI or Banking environment would be preferred, but not mandatory. 

  D. Qualifications:

  • Must have completed a Bachelor’s degree (preferably BE / B.Tech.). A Master’s degree in Information Systems will certainly be preferred.

  Section: Certification – Select the relevant Certifications from the list below :

  Any one or more of the below or other similar security related certifications:

  • ISO 27001 Lead Implementer / Auditor

  • Lead Auditor Certified from Reputed ISO Certification Body (such as BSI)

  • Certified Information Systems Auditor (CISA)

  • Certified Information Security Manager (CISM)

  • Certified Information Systems Security Professional (CISSP)

   

The incumbent shall be responsible for the maintenance of Information Security policies & Procedures and related Implementation & Compliance adherence thereof. Execution of daily security controls /regular periodic processes (such as system/application log monitoring, user access reviews, data collation /analysis & reporting etc) would be a primary responsibility for this role.