Security Compliance Analyst

About this opportunity

We are now looking for a Security Compliance Analyst professional. This position will be within the Security Compliance team with a primary objective to identify security control gaps as well as vulnerabilities. Professionals with their wide proven track record would be encouraged to ensure that the Managed Services delivery unit adheres to the security compliance requirements as per the customer’s security policy and any applicable regulatory requirements. The professional will work alongside a highly skilled, complementary team, making sure that the information assets, that we are responsible to protect, are secured !

• We believe in trust – we trust each other to do the right things.

• We believe in taking decisions as close to the product and technical expertise as possible.

• We believe in creativity – trying new things and learning from our mistakes.

• We believe in sharing our insights and helping one another to build an even better user plane.

• We truly believe in happiness, we enjoy and feel passionate about what we do and value each other’s technical competence deeply.

What you will do :

• Ensure that Information Security Requirements for the specific contract will be adhered to and maintained.

• Perform periodic risk and security assessments, review and propose updates to the Information Security Requirements.

• Maintain the personnel’s awareness of up-to-date security policies and procedures.

• Perform periodic checks that only the authorized persons have access rights to information, systems, and facilities, and report findings.

• Perform periodic review of the contracted customer delivery against ISO27001 standard.

• Test the security control efficiency and identify gaps (if any).

• Provide recommendations in lieu of security exceptions, provide risk analysis, and recommend actions.

You will bring :

• ISO 27001 Lead Implementer, ITIL, CEH, OSCP, CISA, CISSP, and CISM certifications will be an advantage.

• Good understanding of ISMS (Information Security Management System), ISO27001 standard and prior experience of conducting IT audits.

• Knowledge of data privacy and GDPR.

• Should be adept at conducting gap analysis & risk assessments to identify high risk areas and recommend controls to address the risk areas.

• Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks, also with available security control (technical & process control) for respective layers.

• Non-technical proficiencies & good documentation, analysis skills.

• Ability to work both in a team as well as individually.

• Customer oriented, Service minded & deliver results & meet customer expectations.

• Excellent communication skills, English is a must.

Key Qualifications:

• Qualifications: BE/ B.Tech (Telecommunication/ Computer Science) / MBA

• Proven experience: 2 years in Security Governance, Risk and Compliance (GRC) & 6 to 12 years experience in IT.