Immediate opening For Security Specialist

Job Description

Hi All,We have an opening for one of our client.location: GurgaonJob Description Routine line management and leadership of staff within the Information Security Managementfunction Leadership and strategic direction for the function, ranging from planning and budgeting tomotivational and promotional activities expounding the value of information security Liaison with and offers strategic direction to related governance functions (logical access control,Risk Management, IT, Compliance) plus senior and middle managers throughout the organization asnecessary, on information security matters such as routine security activities plus emerging securityrisks and control technologies Recruitment, leadership and direction for a loose network of information security ambassadorsdistributed throughout the organization Leads the design, implementation, operation and maintenance of the Information SecurityManagement System based on the ISO/IEC 27000 series standards, including certification againstISO/IEC 27001 where applicable Forms a centre of excellence for information security management, for example offering internalmanagement consultancy advice and practical assistance on information security risk and controlmatters throughout the organization and promoting the commercial advantages of managinginformation security risks more efficiently and effectively Leads or commissions the preparation and authorizes the implementation of necessaryinformation security policies, standards, procedures and guidelines, in conjunction with the SecurityCommittee Leads the design and operation of related compliance monitoring and improvement activities toensure compliance both with internal security policies etc. and applicable laws and regulations Leads or commissions suitable information security awareness, training and educational activities Leads or commissions information security risk assessments and controls selection activities Leads or commissions activities relating to contingency planning, business continuity managementand IT disaster recovery in conjunction with relevant functions and third parties Lead in the development/adoption and enforcement of Information Security policies, proceduresand standards. Conduct and complete an annual review of required regulations and reports. Maintain BISP Security and Compliance Process and Policies. These are formal policies that detailand document actual mechanisms and controls and should include at least the following: Administrative: Risk analysis and management, documentation management and controls,information access controls and sanctions for failure to comply. Personnel Security: Personnel only have access to the sensitive information for which they haveappropriate authority and clearance. Technical Security: Set the access and authorization controls for everyday operations as well asemergency procedures for data. Transmission security: Set the standards for access controls, audit trails, event reporting,encryption and integrity controls. Secure storage of credentials Validation of Logging artefacts Analysis of Encryption used within application Secure integration with sub systems Response of IDRs with artefacts/data/details

• Periodic review of IDRs Anti virus rollout on new nodes Anti virus signature update Anti virus Integration with Central AV server Monitoring of AV Reviewing reports of AV to check VPCC Releasing Critical & High OS patch advisory on monthly basis Carrying out Basic Hygiene (BH) & Security Health Check ( SHC) on quarterly basis Closure of gaps/vulnerabilities identified in BH & SHC Completing Service Activation & Deactivation (SA&D) process on any new node/service Closure of gaps/vulnerabilities identified in SA&D Verifying if NTP is configured on each node Circulating BH & SHC scripts to OpCos for execution on quarterly basis Coordinating with Central Security & OPCO in case fresh SOD is required Managing & renewing existing SOD 2 week before expiry Management of OPCO wise SOD tracker Verifying if logging is happening on nodes by validating artefacts Validating artefacts to ensure if logs movement is happening to Central logging server Disablement of UIDs on the basis of last login date Following QEV CBN process of UIDs in every quarter VPN UID validation across VAS zone environments VPN UID disablement on the basis of QEV CBN Validation of UID form before ID is created on system UID deletion in case of employee exit VA Scanning of all VAS nodes on quarterly basis Closure of vulnerabilities identified in VA scan (System Index) Managing Internet Proxy for complete VAS environment Managing IPS for complete VAS environment Transformation security compliance Proxy related Maintenance & Support NIPS management

Interested candidates pls share an email toanusha@ittdigital.com,

Keyskills :
customer relationscomputer hardwaredatabase administrationidsmicrosoft accessinformation security awarenessinformation security managementhealth checkrisk analysissecurity riskaccess controlline managementdisaster recoverycorporate liaison