Information Security Risk Analyst cum Auditor
Job Description:
Job Role:
Candidates play a crucial part in safeguarding an organization's sensitive information assets, ensuring
compliance with regulations and frameworks of PCI DSS and ISO27001, and maintaining a strong
security posture in the face of evolving cyber threats. Also to evaluate, validate, and enhance the security
posture by conducting comprehensive audits as per regulatory bodies like SEBI, IRDAI, RBI etc. and
fostering a proactive approach to managing information security risks.
Job Description:
Security Governance and Compliance:
○ Support in establishing effective security governance frameworks, defining roles, responsibilities,
and accountability.
○ Oversee the implementation and management of compliance programs, ensuring adherence to
relevant regulations, standards, and frameworks such as PCI DSS and ISO 27001.
○ Conduct annual internal Information Security reviews and audits in accordance with regulatory
(SEBI, IRDAI, RBI, etc) guidelines
○ Assist in preparing for and responding to external audits and compliance assessments.
Information Security Audits:
○ Perform comprehensive information security assessments, encompassing risk assessments,
cybersecurity maturity assessments, compliance audits, and third-party Vendor audits.
○ Identify security gaps, vulnerabilities, and risks within IT infrastructure, systems, and processes.
○ Conduct audits on IT General Controls (ITGC).
○ Generate high-quality reports summarizing security audit findings and assessment results.
Security Policies and Procedures:
○ Contribute to the development and implementation of information security policies, standards,
and procedures.
○ Educate employees on best practices related to information security and ensure compliance with
established policies.
Security Awareness and Training:
○ Assist in the creation and delivery of security awareness programs and training sessions.
○ Educate employees about security best practices, policies, and procedures to promote a
security-conscious organizational culture.
○ If you have the necessary qualifications and experience, we encourage you to apply for this
exciting opportunity.
Technical Skills Required:
● DR & BCP Strategies Knowledge
● SOC-1 SOC-2,NIST, etc Framework Knowledge
● SIEM Tools Splunk, IBM Qradar, AlienVault, Wazuh
Exp : 2 - 5 years in Information Security Analysis or Audit
Education : B.Tech/B.E. in Computers or Information - Cyber Security, , MCA, MS/M.Sc in Computers /
Information - Cyber Security, M.Tech in Computer Science or IT or Information - Cyber Security, MBA -
Information - Cyber Security,
Company Profile
The client is a leading player in the Indian financial services industry known for its strong distribution capabilities. Started in the year 1994 has now diversified into various businesses and today has presence in businesses ranging from financial products distributor network, asset management, real estate, insurance broking, training & development and technology. Our rich experience in financial services, combined with executional capabilities and strong process & system orientation, has enabled us to shape a rising growth trajectory in our businesses.
Product ranges are MF, Insurance, Realty, Information Technology, Wellness, Interiors, Loan etc. The client is based out of Surat in Gujarat, India and has presence in 165+ locations in India, Mauritius & Dubai and has over 1,800+ employees and over 32,500+ Active Advisors (Partners) associated. The total Asset Under Advice of 1,64,000+ Cr. of more than 28 Lacs investors.
Apply Now
- Interested candidates are requested to apply for this job.
- Recruiters will evaluate your candidature and will get in touch with you.