2 Threat Profiling Jobs

Senior Advisor - Business Security Location: Thane/Vikhroli 5 days work from office in a MONTH Shift: 1.30 P.M. to 10.30 P.M. The Company: UK based one of the largest MNCs is a leading global advisory, broking and solutions company that helps clients around the world turn risk into a path for growth. One of the oldest MNCs, has more than 42,000 employees serving more than 142 countries. Business Unit The mission of the Business Information Security team is to be Information and Cyber Security trusted advisors to senior business and technology stakeholders. When they're forming strategy and delivering business change, we aim to help them ensure that their business continues to be secure and compliant in line with our information and cyber security policies and standards. Job Summary As the Information Security Associate within the Business Security Operations (BusSecOps) team, you will be responsible for implementing and maintaining information & cyber security practices. Candidate would be required to gain a high-level of knowledge and understanding of critical technology applications and security standards. You will need to take a leadership role in building security testing framework for web-based applications which includes Threat Profiling, DAST, SAST, Security Architecture, and Penetration testing. In this role, you are expected to understand the organizations information & cyber security strategy and standards while working collaboratively with technology teams to implement and maintain sound security practices. This role resides in our Information & Cyber Security (ICS) team within Corporate IT. Roles & Responsibilities Build and maintain effective relationship with technology teams and ICS stakeholders Foster a culture of information and cyber security best practices though awareness and support Stay up to date with the latest application security developments and security trends to continually improve internal processes Hold good understanding of Application & Infrastructure testing methodology & support development teams in the remediation of vulnerabilities Work with development teams to improve the secure software development lifecycle Engage in information security activities to support client/business engagements i.e., incidents, vulnerabilities, development lifecycles, risk management and emerging threats Ability to coordinate and execute security testing for applications and cloud environments Engage with key stakeholders to support internal and external audit activities to ensure compliance with regulations such as: SOC, FCA, NYDFS, GDPR, HIPAA Demonstrate a good understanding of security regulations and data privacy laws Support the risk identification & exceptions management process Manage and oversee adhoc projects related to maturing information and cyber security controls across the organizationR. Education Qualification: Degree in a relevant Business or Information Technology area Experience Band: 5 - 12 yrs. Technical Skills: Need to have Degree in a relevant Information Technology area preferably with a focus on information security Significant experience in managing and patching vulnerabilities across a host of assets Expert understanding of all aspects of information security principles, policy and its application in business and technology areas Understanding of core cloud security principles Knowledge and experience on supporting information security audits Technical Skills: Nice to have Client focus: ability to engage positively with clients and business stakeholders. Information Security specific certification is desirable (such as CISM, CISSP, CISA, CEH) Full JD will be shared on email Best Regards, Uma SW +91 98 22 780 197 uma@starlighthr.com I https://starlighthr.com/

Senior Advisor - Business Security Location: Thane/Vikhroli 5 days work from office in a MONTH Shift: 1.30 P.M. to 10.30 P.M. The Company: UK based one of the largest MNCs is a leading global advisory, broking and solutions company that helps clients around the world turn risk into a path for growth. One of the oldest MNCs, has more than 42,000 employees serving more than 142 countries. Business Unit The mission of the Business Information Security team is to be Information and Cyber Security trusted advisors to senior business and technology stakeholders. When they're forming strategy and delivering business change, we aim to help them ensure that their business continues to be secure and compliant in line with our information and cyber security policies and standards. Job Summary As the Information Security Associate within the Business Security Operations (BusSecOps) team, you will be responsible for implementing and maintaining information & cyber security practices. Candidate would be required to gain a high-level of knowledge and understanding of critical technology applications and security standards. You will need to take a leadership role in building security testing framework for web-based applications which includes Threat Profiling, DAST, SAST, Security Architecture, and Penetration testing. In this role, you are expected to understand the organizations information & cyber security strategy and standards while working collaboratively with technology teams to implement and maintain sound security practices. This role resides in our Information & Cyber Security (ICS) team within Corporate IT. Roles & Responsibilities Build and maintain effective relationship with technology teams and ICS stakeholders Foster a culture of information and cyber security best practices though awareness and support Stay up to date with the latest application security developments and security trends to continually improve internal processes Hold good understanding of Application & Infrastructure testing methodology & support development teams in the remediation of vulnerabilities Work with development teams to improve the secure software development lifecycle Engage in information security activities to support client/business engagements i.e., incidents, vulnerabilities, development lifecycles, risk management and emerging threats Ability to coordinate and execute security testing for applications and cloud environments Engage with key stakeholders to support internal and external audit activities to ensure compliance with regulations such as: SOC, FCA, NYDFS, GDPR, HIPAA Demonstrate a good understanding of security regulations and data privacy laws Support the risk identification & exceptions management process Manage and oversee adhoc projects related to maturing information and cyber security controls across the organizationR. Education Qualification: Degree in a relevant Business or Information Technology area Experience Band: 2 - 6 yrs. Technical Skills: Need to have Degree in a relevant Information Technology area preferably with a focus on information security Significant experience in managing and patching vulnerabilities across a host of assets Expert understanding of all aspects of information security principles, policy and its application in business and technology areas Understanding of core cloud security principles Knowledge and experience on supporting information security audits Technical Skills: Nice to have Client focus: ability to engage positively with clients and business stakeholders. Information Security specific certification is desirable (such as CISM, CISSP, CISA, CEH) Full JD will be shared on email Best Regards, Uma SW +91 98 22 780 197 uma@starlighthr.com I https://starlighthr.com/