Job Description - IT Security Analyst II
Location – Gurgaon
Are you curious, motivated, and forward-thinking? At FIS you’ll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us, and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all fun.
About the team:
It’s an amazing opportunity to join a Talented team of innovative and committed folks doing interesting work at the world’s largest global provider dedicated to financial technology solutions.
What you will be doing:
In this role you will be performing all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
- Executes projects for Information Security Management System implementation and audit inline to ISO 27001:2022 standard requirements.
- Support in SSAE18 SOC 1 and 2 assessments to assess controls at the organization level.
- Assist with the strategic objectives of the risk management program including execution of risk assessment activities, coordination of risk response and program testing and validation.
- Contribute to reviews of significant events and advise co-workers of action steps required to prevent future recurrence.
- Assist with risk assessments related to the Data Protection, Information Security and Enterprise Risk Management programs as well as other projects throughout various risk disciplines while identifying potential issues, control gaps and potential process efficiencies.
- Conduct risk analysis and present continuous control improvement ideas to team leadership.
- Create information security documentation related to work area and complete requests in accordance with company requirements.
- Responds to information security-related questions and inquiries using established information security tools and procedures.
- Resolves and/or performs follow through to resolve all information security issues and questions.
- Implements and administers information security controls using software and vendor security systems.
- Identifies opportunities and executes plans to improve workflow and understands and quantifies business impacts of those improvements for communication to management.
- Interfaces with user community to understand security needs and implements procedures to accommodate them. Ensures that user community understands and adheres to necessary procedures to maintain security.
- Provides status reports on security matters to develop security risk analysis scenarios and response procedures.
- Other related duties assigned as needed.
What you bring
- Bachelor’s/master’s degree in computer science or the equivalent combination of education, training, or work experience
- Must have at least 2-4 years of experience in information systems security with knowledge on ISO 27001, SSAE 18/SOC I/SOC II.
- Hands-on experience in Information Security Management System implementation and audit inline to ISO 27001 standard.
- Must have worked or at a minimum have theoretical knowledge on Information Security Risk Assessment.
- Excellent Process and audit report documentation skills.
- Must have a broad knowledge of technology generally and Information Security technology and methodologies particularly.
- Have executed and/or managed security related Projects in the past.
- Knowledge of GLBA, ITGC, PCI, Cloud Security will be an added advantage.
- Knowledge of networks technologies (protocols, design concepts, access control)
- Knowledge of security technologies (encryption, data protection, design, privilege access, etc.)
- Proficiency in time management, communications, decision making, presentation and organizational skill.
- Proficiency in planning, reporting, establishing goals and objectives, standards, priorities and schedules
- Basic to intermediate decision-making and problem-solving skills
- Basic to intermediate verbal and written communication skills to technical and non-technical audiences of various levels in the organization
- Experience establishing and maintaining effective working relationships with employees and/or clients
Added bonus if you have:
- ISO 27001:2022 Lead Auditor or implementer certification
- CISSP, CISA, CRISC
What we offer you:
- A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities
- The chance to work on some of the most challenging, relevant issues in financial services & technology
- A work environment built on collaboration, flexibility and respect
- A modern, international work environment and a dedicated and motivated team
- A variety of career development tools, resources, and opportunities
Privacy Statement
FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.
Sourcing Model
Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.
#pridepass