09/07 Archana
Lead - Talent Recruiter at KellyOCG

Views:570 Applications:36 Rec. Actions:Recruiter Actions:0

Senior Security Analyst - Information Security/Application Security (8-12 yrs)

Chennai Job Code: 465590

Description :

Technical Information Security Officer-TISO/Senior Security Analyst - SSA

- The Technical Information Security Officer will work with the system development areas to ensure proper technology risk considerations are addressed at each phase of the system development life cycle and provide proactive solutions to correct exposures or mitigate risk. 

- Interpret security standards, procedures, and guidelines for multiple platforms and diverse environments (e.g. client server, distributed, mainframe, etc.) in designing solutions, recommending enhancements or defining mitigating controls to existing systems.

- The individual should demonstrate an understanding of application security and will exercise judgment within existing practices and policies

- Perform information security risk assessment on new applications and changes to applications

- Reports IS gaps to IT as applicable with appropriate recommendations

- Create corrective action plans for non-compliant issues working with application development team

- Recommend security solutions according to Security Policy and Practices established by Citigroup

- Promote awareness of current policies and standards, as well as revisions and developments

- Provide consistent interpretation of policy to IT

- Establish and maintain relationships with domain architects, project managers, and others within the technology development unit

Qualifications :

- 5-10 years of Information security knowledge of information security, IT Risks and controls assessment

- Application security risk assessment experience is desirable

- Good understanding of the Information control areas including authentication, authorization, access control, auditing, cryptography for applications

- Knowledge of OWASP Guidelines for application

- Knowledge of software development processes, integration of security assessments in SDLC process, secure coding is desirable

- Experience with vulnerability assessment and related risk assessment tools and/or application development experience is a plus

- Proficient in MS Office products, particularly PowerPoint and Excel

- Exhibit strong influencing/negotiation skills as well as written/verbal communication skills

- Professional certifications, such as CISSP and CSSLP, or willingness to obtain certification within 12-18 months of start date

Women-friendly workplace:

Maternity and Paternity Benefits

Add a note
Something suspicious? Report this job posting.