Sign In
 [New User? Sign Up]
Mobile Version

Senior Analyst, IM Security

Bengaluru, KA
Job Code:
  • Miscellaneous
Applying for this job will take you to an external site
  • Shortlist
  • Email Friend
  • Print

Job Details

Purpose The planning and implementation of organization-wide policies, processes and procedures for the management of operational risk. The resolution of incidents and problems throughout the information system lifecycle, including classification, prioritization and initiation of action, documentation of root causes and implementation of remedies. Provide expert advice on information risk controls and management strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems. Conduct and evaluate risk management assessments and recommendation on remediation actions and business impact. This role will specialize on a specific technology and/or risk management discipline. Examples of specialization areas can be any technology, technique, method, product or application area as they pertain to the disciplines of information security, privacy, disaster recovery, and regulatory compliance.Scope Autonomy Has defined authority and responsibility for a significant area of work, including technical, financial and quality aspects. Establishes organizational objectives and delegates assignments. Accountable for actions and decisions taken by self and subordinates. Influence Influences policy formation on contribution of specialisation to business objectives. Influences at level of division internally and influences customer/suppliers and industry at senior management level. Decisions impact work of employing organizations, achievement of organizational objectives and financial performance. Develops high-level relationships with customers, suppliers and industry leaders. Complexity Highly complex work activities covering technical, financial and quality aspects and contributing to formulation of IS strategy. Work involves creative application of wide range of technical and/or management principles.Primary Responsibilities Plans and manages the implementation of organization-wide processes and procedures, tools and techniques for the identification, assessment and management of risk inherent in the operation of business processes and of potential risks arising from planned IT-enabled change. Protects and defends information and information systems by ensuring availability, integrity, authentication, confidentiality and non-repudiation. Provides consulting for restoration of information systems by ensuring that protection, detection and reaction capabilities are incorporated. Ensures that appropriate action is taken to investigate and resolve incidents and problems in systems and services. Ensures that such incidents and problems are fully documented within the relevant reporting systems. Coordinates the implementation of agreed remedies and preventative measures. Conducts risk assessments for business applications and computer installations; provides authoritative advice and guidance on security strategies to manage the identified risk. Investigates breaches of IT service disruptions and recommends appropriate control improvements. Interprets information risk policy and contributes to development of standards and guidelines. Maintains an in-depth knowledge of specific technical specialisms and provides expert advice regarding their application. Can supervise technical specialists. Specific Tasks include Business Risk Management Advises on risk management policies, and contributes to the creation and publication of strategies for managing risk to the continuing effective operation of the business. Plans and manages the implementation of organization-wide processes and procedures, tools and techniques, within a specific information risk area, for the identification, assessment, and management of risk inherent in the operation of business processes and of potential risks arising from planned IT-enabled change. Identifies and categorizes strategic and operational risks. Advises on the evaluation of identified risks (including probability/frequency of occurrence, impact, and severity). Advises on appropriate action, including contingency planning, and countermeasures Information Assurance Awareness of legal and best practices relating to availability, integrity, confidentiality, privacy, etc. Recommends appropriate and practical performance measures and tracks compliance. In the context of Business Continuity, assesses protection, detection, and reaction capabilities, to determine whether they are sufficient to support restoration of information systems in a secure manner. Information Risk Conducts assessments of threats to confidentiality, integrity, availability, accountability and relevant compliance. Participates in security control reviews, business risk assessments, and reviews that follow significant breaches of security controls or IT service disruptions. Contributes to the development and promotion of the technical specialize. Recommends quality standards and policies relating to the technical specialize. Maintains knowledge of the technical specialism at the detailed and comprehensive level. Keeps in close touch with and contributes to current developments in the technical specialism within Xerox.Candidate Education Minimum Bachelor's Degree Computer Science, Information Systems, or related field.Professional Certifications Minimum Technical certifications as required such as CISSP, SANS GSEC, CIPP, FBCP.Candidate Background Skills, Knowledge & Ability
Additional Degree: BE/ B.Tech (Engineering) | Other School/ Graduation

Experience: 3-8


Application Programming | System Administration | System Security
Applying for this job will take you to an external site


© Copyright 2015 Al Nisr Publishing LLC - powered by Gulf News