Information Security Analyst
Equifax Indi
Total years of experience :15 years, 11 Months
Handle incoming requests from internal customers & stakeholders and generate reports on a weekly, monthly, and yearly basis as per the directions from ISO Demonstrate excellent customer service skills when working with internal/external clients Prepare security documentation by researching internally available sources and SMEs Support customer audits with evidence/artifact collection and cataloging. Enforce standards and policies to protect & preserve the confidentiality, integrity, and availability of information systems Research, analyze, and assists ISOs in evaluating information from multiple data sources and providing recommendations for improvement
Manage functions like UAT, Pre-PROD, PROD, UAM, Security, TPRM, SIEM, PAM, MDM, and Vulnerability Management of all fraud related RCU applications like IRIS, RFR, FALCON & BIO-CATCH, etc. Study VA/PT/Black-box reports of all the RCU applications, and ensure that each one of them is closed within the regulatory timeline Led & coach more junior members from the team engaged in assignment delivery for both internal & regulatory audits Serve as SME for providing an interpretation of RBI/CISTE-related IT/security-related regulations & guidelines and disseminate this to management
Auditing both Run-The-Bank (digital banking systems & operations) and Change-The-Bank (digital banking projects) activities in Bank's Digital Business & Processes. Maintain and Monitor the GRC risk register to ensure that all identified risk factors are accounted for, actioned & closed in a timely fashion Conduct all application audits, for both web and mobile-only products Help develop and monitor IT/security policies and procedures (e.g. IT policy, Information Security Policy, Cybersecurity policy, Outsourcing policy) and implement a schedule of regular reviews to ensure that policies are kept relevant and aligned with industry expected standards
Perform deep analysis by conducting host forensics, network forensics, log analysis, and malware triage in support of incident response investigations to determine the root cause. Utilize proprietary forensic tools, forensic methodologies & forensic technology that include data mining and mapping, electronic discovery, and computer forensic capabilities Work cases using forensic tools like EnCase, FTK, Paraben, Cellebrite UFED, Oxygen, Volatility, Magnet, X-Ways, Belkasoft, WireShark, TCPDump, and open-source forensic tools.
Organize, conduct, and perform technology & information security risk assessments to identify and evaluate risks in technology delivery areas and staff functions Prepare monthly management summaries on end-user risk, vendor risk, technology infrastructure hygiene, technology resiliency & status of regulatory compliance Continuously review security bulletins and related news; stay apprised of current threats and trends
Had ownership of all aspects of audit activities including risk assessments, planning, testing, control evaluation, work paper documentation, report drafting, issue clearance with cybersecurity and access management stakeholders, and follow-up/verification of issue closure Performed vulnerability and/or penetration tests on the client's environment Provide security requirements during planning sessions, functional & technical requirement sessions, user story creation and grooming based on identified risks. Design, implement, and maintain the overall IT/cyber security risk management framework across client organizations
URL removed due to policy violation. Please contact support for further information.