Trivandrum, Kerala
3 days ago
Senior Analyst - Information Security
Description

Information Security – Client Assurance Service Management

Coordinate Information Security support for prospect calls, ensuring swift responses in competitive scenarios.Manage the On-Call rotation schedule and Jira requests, ensuring proper ticket handling and effective communication with stakeholders.Handle initial assignment and reassignment of tickets, ensuring closure and professional engagement with the Security Analyst team.Coordinate client assessments, develop Project Plans, and review due diligence questionnaires.Communicate effectively with customers, promptly closing tickets with clear and professional responses.Identify and capture risk concerns, mapping audit evidence to NIST controls.Own all tickets coming into the client assurance portal, managing SLAs and completion of requests, including third-party risk and Vendor management reviews.Ensure all activities are properly documented, tickets are communicated professionally, and documentation is organized efficiently.Develop and document processes for the entire team, managing adherence to evolving requirements.Oversee day-to-day activities of the Client Assurance support resources, including Service Management and Security Analyst functions in the US and India.Work with HR, Compliance, Legal, Sales, and Engineering to ensure the team has the latest information for successful third-party audits.Own the tooling and management of processes related to Jira, Loopio, and other reporting or Audit tools, ensuring continuous improvement for the overall Information Security function.Responsible for new hire training and ongoing, up-to-date training for the larger Enterprise security team to meet compliance requirements.Assist with required governance, risk, compliance and audit tasks or activities such as assisting with audit evidence collection e.g., SOC2, SOC1, PCI, etc.

General Responsibilities

Organize and update content on the Information Security page, facilitating access for new employees.Organize SharePoint folders for easy access to Service Management information.Review and update Client Assurance Standard Operating Procedure, ensuring alignment with the team's evolving needs.Schedule and lead monthly RFP meetings, providing guidance on process changes.Update the Client Assurance section of the weekly Control Report and present relevant information during management calls.Identify ongoing training for team members, staying informed about security conferences, and educating the team on relevant tools.RequirementsStrong Communication (Verbal and Written) and presentation skills.Self-Starter that can effectively operate at a high level under limited supervision. Bachelor’s/master’s in engineering/Cybersecurity or equivalent.CISA, CISM, CISSP certifications would be an added advantage.Knowledge of NIST Risk Management Framework (RMF), GRC tools.Ability to prioritize tasks, make quick decisions, and a strong understanding of security controls and governance.2 - 5 years of experience in a client service or ITGC auditee/auditor function handling complex requests and audit responses.Previous management experience would be a plus.A strong understanding of cybersecurity principles, concepts, and best practices.Familiarity with compliance frameworks or standards such as NIST, GDPR, SOC 1 and SOC 2, and PCI DSS service providers is an added advantage.Ability to understand prioritize and escalate tasks to resolve issues quickly and make decisions. 

Confirm your E-mail: Send Email