2022 Analyst II - Information Security - Thiruvananthapuram null

About the job role

Under guidance and support from the supervisors carry out cross-domain tasks assigned (including internal and external audits customer assurance awareness training VAPT Red Teaming etc.) with better knowledge and competence (Maximum supervision)

Outcomes

• Handle the assigned tasks from the allocated domain with guidance from the leads. (Domain Examples: BCMS Risk assessment Incident management HITRUST SOC Customer Assurance Awareness activities Data Privacy VAPT Red Teaming etc.)
• Assist leads in internal/external audits to ensure compliance with ISO 27001/ISO 22301/ISO 27701 requirement as well as business-specific requirements.
• Responsible for the internal audits/security assessments report preparation and follow-up for the closure of respective audit reports.
• Understand and Evaluate IT Controls and assist in Risk Assessment
• Tracking and following up for the Risk closure.
• Learn and understand existing and emerging management practices and link with security control points with guidance from the leads.
• Handle preparatory sessions and evidence collections from all applicable teams as part of any external audits with minimum guidance from the leads.
• Comfortable with CTFs or Bug Bounty activities.
• Assist the leads in customer discussions to identify/document the requirement.
• Perform security assessments and assist in preparing comprehensive technical reports for the assessments within the stipulated time.
• Involve in the automation activities within the team.
• Contribute to infosec awareness activities with support from leads.
• Assist in establishing a tracking and reporting strategy.

Measures Of Outcomes

• Number of internal audits attended or security assessments been a part of
• Adherence to applicable SLAs
• Number of areas of responsibility on cross domains.
• Less than two stakeholder escalations
• More than two appreciation from the stakeholders/leads.

Outputs Expected

• Policy and Procedure amendments Awareness training materials Presentations decks for internal/ external discussions Audit / Security Assessment reports

Process

• Internal ISMS audits – assisting in audits prepare audit reports and follow-up for the audit report closure
• Compliance Audits - Assisting certification audits to conduct preparatory sessions and evidence collection
• Infosec activities – training material conducting sessions co-ordinate with other teams for training conducting
• Customer Assurance – assist in evidence collection
• Vulnerability Assessment and Penetration Testing/Red Teaming Activities
• CM activities
• Assisting the leads in executing other location responsibilities.

Training Or Certifications

• 5 per year (1 certification and minimum 4 of UST training related to Information/Cyber Security domains)

Skill Examples

• Ability to understand prioritize and escalate tasks to resolve issues quickly and make decisions.
• Strong Excel and Dashboard skills
• Good Presentation and communication skills
• Excellent verbal and written communication skills required including the ability to effectively communicate in both highly technical and non-technical environments.
• Detail-oriented customer-oriented result delivery oriented analytical thinking
• Good at working in a team and with other teams
• A great problem solver with the knack of coaching others to do the same
• Good time management
• Self-motivated and enthusiastic
• A desire for continuous learning and skill development.