Junior Information Security Analyst

Job Description

POSITION SUMMARY: This position will give an opportunity to work for Information Security Governance on information systems, processes, and technologies within the organization. This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines, and US This position will report to the Senior Manager, Information Security and is expected to work independently on tasks assigned. This position requires: Works on Vendor IT Security risk assessment/ Third Party Risk management Monitor Security posture and appraise Senior Leadership on the posture. Conduct phishing campaigns that includes analysis of phishing emails and develop reports. Experience in performing Risk Assessments in line with Information Security Standards (like ISO 27001) for Business processes and IT systems. Knowledge about latest regulations, compliance, standards, and procedures such as GLBA, SOX, ISO27000 Standards, CoBiT, etc. Excellent verbal and written communication skills with a demonstrated ability to build and maintain relationships within the organization. Strong proficiency in Microsoft Office applications (MS Excel, Word, PowerPoint etc.) with a general understanding of data analysis techniques JOB FUNCTIONS AND RESPONSIBILITIES Perform IT security reviews, evaluations, risk assessments, and monitoring on a regular basis to ensure exceptions and violations are identified and addressed. Perform and oversee Information Security Policy Framework Recommend appropriate corrective actions and remediation plans for risks identified. Assist in developing the implementation of risk mitigation measures. Work with the Business functions to ensure security standards are in-line with Onity s risk management and information security policies. Plan and execute vendor IT and Security audit programs in-line with Onity s risk management policies. EDUCATION / EXPERIENCE 1-3 years of progressive experience in one or more of the following: internal/external IT and business process auditing, sourcing advisory, vendor management roles Bachelor s degree from an accredited college / university. Management degrees MS, M. Tech or MBA in relevant field would be an added advantage. Preferred Certifications CGEIT or CISM CISSP ISO 27001 Demonstrated experience in conducting Risk Assessments for Vendors, Internal and External stakeholders. Experience in Information Security or demonstrated knowledge on Information Security Operations. Demonstrated experience in a multi-vendor environment. Demonstrated experience in Cloud Security assessments on various Cloud platforms such as AWS, Azure, Oracle etc. WORK SCHEDULE OR TRAVEL REQUIREMENTS 2 PM to 11 PM