Senior Information Security Analyst - Noida @ Ameriprise

Job Description

• The Senior Information Security Analyst is part of a team that establishes, supports, and continuously improves the enterprise information security policies, practices, and standards
• This role will participate in on-going operational activities that serve to establish appropriate access to and provide the appropriate protection, confidentiality, integrity and availability of enterprise systems and data through effective security controls
• This role is also responsible for validating compliance with policies and standards that keep Ameriprise applications and infrastructure safe and secure from vulnerabilities

Major Areas of accountability:

Information Security Governance ~~ Identity Access Governance ~~ Policy/Procedure Management and Enforcement ~~ Reporting/Metrics ~~ Incident Management ~~ Education

Provide timely and effective operational support for the firms information security tools, processes and practices in the Identity space.

Use standard technology monitoring tools to monitor assigned environments and/or technical assets and identify/detect behavior outside of established standards.

Escalate key security issues to the appropriate team to be addressed.

Assist with security assurance testing activities.

Monitor compliance with information security and identity policies and practices and any applicable laws.

Assist with internal and external security risk assessments, risk analysis and application or system-level access reviews and attestations.

Coordinate/facilitate access and entitlement reviews for individual applications, business lines, and the enterprise at-large.

Assist with the research, development, continuous improvement and implementation of identity policies, procedures, standards, and processes based on compliance requirements and industry best practices.

Document the identity governance requirements, processes and procedures.

Enforce information security and identity policies and procedures by reviewing violation reports, investigating possible exceptions, and documenting controls.

Prepare status reports on identity and access matters that are used for a variety of purposes - tracking and monitoring security breaches, forensic investigative activities, remediation plan management and risk management compliance reporting.

Effectively manage and prioritize ad-hoc reporting requests, scorecards, and standard departmental reporting.

Coordinate with internal team and external auditors to provide documentation of compliance assessments, support, and remediation activities.

Maintain and develop knowledge of identity access management trends, new identity technologies and best practices.

Conduct security and industry specific research to keep self and the firm abreast of the latest security issues and regulatory developments that may impact existing policies, procedures and practices.

Participate in information security education, training and awareness activities for technology and business teams.

Required Qualifications

Bachelor s degree in Computer Science, Management Information Systems, or related technical field; or equivalent work experience.

4-7 years of experience in Information Security Services or related technical field.

Work experience that spans the Identity Access Management or Governance, Risk, and Compliance security domains.

Working knowledge of information security and computer network/system access technologies.

Experience working in the financial services industry or other highly regulated/compliance-oriented environments.

Effective verbal and written communication skills that include the ability to describe highly technical concepts in non-technical terms.

Very good understanding of security controls, monitoring systems and regulatory/business drivers that impact security policies and practices.

Working with business users on platform related questions/issues

The successful candidate will need to demonstrate proficiency in atleast one of below four verticals:

1. Identity Access Governance Suites such as RSA Identity Governance Lifecycle (formerly Aveksa) or other competitor products such as Sailpoint or Saviynt.

2. Privileged Account Management Capabilities, Services and Processes [CyberArk] or other competitor products such as Beyond Trust, Thycotic.

3. Security Information Event Monitoring (SIEM) / User and Entity Behavior Analysis [UEBA] Capabilities, Services and Processes (e.g. Sumologic / Securonix)

4. Cloud Governance technologies (AWS and/or Azure)

In addition, the successful candidate will need to meet below requirements:

Interested in gaining broad experience in Information Security Services [must have]

First level knowledge and/or demonstrated technical ability to understand code and technology infrastructure in multiple environments with experience in the below languages [Powershell, Python, Regular expressions-based programming]

Demonstrated basic understanding of the Software Development Lifecycle (SDLC) and programming/development procedures.

Effective oral and written communication skills along with logical, analytical, and abstract thinking skills.

Strong attention to detail, follow-through, and time management skills.

Demonstrated aptitude to quickly learn and apply new tools and processes

Defining business, user, and systems requirements

Developing user acceptance test plans

Developing, document, test and modify new and existing code

Developing working knowledge of systems and processes

Business Analysis

Building Process Flows

Presentations (Creating and Delivering)

Risk Identification and Remediation

Project Management

Project Coordination

Reporting (SQL queries to databases) / Correlation

ITIL (Change, Problem, Incident, Configuration) Management

Preferred Qualifications :

Basic knowledge and experience with:

Operating Systems (Windows, UNIX, Mainframe, etc.)

Directories/LDAP Constructs (Active Directory, Oracle, etc.)

Databases/RDBMS Constructs (Oracle, SQL, DB2, MS SQL Server etc.)

Authentication / Authorization Constructs (Directory, Hybrid, Native Source)

Data Formats (XML, CSV, etc.)

Identity Access Governance Capabilities:

o Role Based Access Controls (RBAC)

o Provision / De-Provisioning

o Access Request

Privileged Access/Credential Management

Privileged Access Management Suites

o CyberArk

Development / Programming / Scripting

o SQL for Oracle or MS SQL

o Java EE

Compliance Types (GLBA, HIPAA, IT Compliance, NERC, PCI, SOX, etc.)

Service Organization Controls (SOC1, SOC2)

Job Classification

Industry: Financial Services
Functional Area: Financial Services
Role Category: IT & Information Security - Other
Role: IT & Information Security - Other
Employement Type: Full time

Contact Details:

Company: Ameriprise Financial
Location(s): Noida, Gurugram

+ View Contact

×

Login

Candidates can login here to view contacts and apply.

Sign In Sign Up

Email:

Password:

Password too short

To create your profile, apply for a job or make a registration

Sign In Close

Your name (*)

Email (*)

Mobile (*)

Preferred City (* max. 2 w/comma)

Designation / Expected Role

Current / Recent Company (*)

Experience (*)

0 - 1 Yrs 1 - 2 Yrs 2 - 3 Yrs 3 - 4 Yrs 4 - 5 Yrs 5 - 6 Yrs 6 - 7 Yrs 7 - 8 Yrs 8 - 9 Yrs 9 - 10 Yrs 10 - 11 Yrs 11 - 12 Yrs 12 - 13 Yrs 13 - 14 Yrs 14 - 15 Yrs 15 - 16 Yrs 16 - 17 Yrs 17 - 18 Yrs 18 - 19 Yrs 19 - 20 Yrs 20 - 21 Yrs 21 - 22 Yrs 22 - 23 Yrs 23 - 24 Yrs 24 - 25 Yrs 25 - 26 Yrs 26 - 27 Yrs 27 - 28 Yrs 28 - 29 Yrs 29 - 30 Yrs 30+ Yrs

Expected Salary (*)

Rs 0 - 50K PM Rs 50K - 1 LPA Rs 1.0 - 1.5 LPA Rs 1.5 - 2.0 LPA Rs 2.0 - 2.5 LPA Rs 2.5 - 3.0 LPA Rs 3.0 - 3.5 LPA Rs 3.5 - 4.0 LPA Rs 4.0 - 4.5 LPA Rs 4.5 - 5.0 LPA Rs 5 - 6 LPA Rs 6 - 7 LPA Rs 7 - 8 LPA Rs 8 - 9 LPA Rs 9 - 10 LPA Rs 10 - 12 LPA Rs 12 - 14 LPA Rs 14 - 16 LPA Rs 16 - 18 LPA Rs 18 - 20 LPA Rs 20 - 22 LPA Rs 22 - 24 LPA Rs 24 - 26 LPA Rs 26 - 28 LPA Rs 28 - 30 LPA Rs 30 - 32 LPA Rs 32 - 34 LPA Rs 34 - 36 LPA Rs 36 - 38 LPA Rs 38 - 40 LPA Rs 40 - 42 LPA Rs 42 - 44 LPA Rs 44 - 46 LPA Rs 46 - 48 LPA Rs 48 - 50 LPA Rs 50 - 75 LPA Rs 75 Lakh - 1C PA Rs 1 Crore+ PA

Desired Industry (*):

Accounting / Finance Advertising / MR / PR / Events Agriculture / Dairy Animation / Multimedia Architecture / Interior Design Astrology Automobile / Auto Ancillaries / Auto Components Aviation / Airline / Aerospace / Aeronautical Banking / Financial Services / Broking BPO / Call Center / ITeS Brewery / Distillery Broadcasting Cement / Building Material Chemical / Petro / Plastic / Rubber / Glass Consumer Electronics / Appliances / Durables Courier / Transportation / Freight Defence / Government Education / Teaching / Training Electricals / Switchgears Engineering / Construction / Cement / Metals Environment / Waste Management Export / Import / Trading Facility Management Fertilizers / Pesticides FMCG / Foods / Beverage Food Processing Furnishings / Ceramics / Sanitaryware / Electricals Gems / Jewellery Gifts / Toys / Stationary Government / Departmental Heat Ventilation / Air Conditioning Hotel / Restaurant Industrial Design Industrial Products / Heavy Machinery Insurance Internet / E-Commerce IT - Hardware / Networking IT - Software / Services KPO / Research / Analytics Leather / Leather Products Legal / Courts Logistics / Courier / Transportation Management Consulting / Strategy Manufacturing / Production Matrimony / Matchmaking Media / Entertainment Medical / Healthcare / Hospital Merchant Navy Metal / Iron / Steel MFI - Micro Finance Military / Police / Arms Ammunition Mining / Quarrying NBFC-Non Banking Financial Services NGO / Social Work Office Equipment / Automation Not Mentioned Paint / Art / Sculpture / Craft Paper / Wood Personal Care / Beauty Pharma / Biotech / Clinical Research Politics Power / Energy / Oil / Gas / Petroleum Printing / Publishing / Packaging Quality Certification Real Estate / Property Recruitment Services / RPO Religion / Spirituality Retail Security / Detective Services Semiconductors / Electronics Shipping / Marine Telecom / ISP Textile / Garments / Fashion Travel / Tourism / Hotels / Airlines / Railways Unskilled Labor / Domestic Help Veterinary Science / Pet Care Sports / Fitness / Beauty

Functional area / Department (*):

Accounts / Finance / Tax / CS / Audit Agent / Agency Analytics & Business Intelligence Architecture / Interior Design Banking / Insurance Beauty / Fitness / Spa Services Content / Journalism Corporate Planning / Consulting CSR & Sustainability Engineering Design / R&D Export / Import / Merchandising Fashion / Garments / Merchandising Guards / Security Services Hotels / Restaurants HR / Administration / IR IT- Hardware / Telecom / Technical Staff / Support IT Software - Application Programming / Maintenance IT Software - Client Server IT Software - DBA / Datawarehousing IT Software - E-Commerce / Internet Technologies IT Software - Embedded /EDA /VLSI /ASIC /Chip Des. IT Software - ERP / CRM IT Software - Mainframe IT Software - Middleware IT Software - Mobile IT Software - Network Administration / Security IT Software - Other IT Software - QA & Testing IT Software - System Programming IT Software - Systems / EDP / MIS IT Software - Telecom Software ITES / BPO / KPO / Customer Service / Operations Legal Marketing / Advertising / MR / PR Pharma / Biotech / Healthcare / Medical / R&D Packaging Production / Maintenance / Quality Purchase / Logistics / Supply Chain Sales / BD Secretary / Front Office / Data Entry Self Employed / Consultants Shipping Site Engineering / Project Management Teaching / Education Top Management Ticketing / Travel / Airlines TV / Films / Production Web / Graphic Design / Visualiser Other Areas

Enter Skills (key skills, subjects, technologies & roles to use in search)

Write briefly about yourself, your experience and education (*)

Attach Resume  Max 2.38 MB (RTF, PDF, DOC, DOCX formats only parsed)

Please, check the file size and type.

Add social media [ + ]

Create password

I agree with website service terms and conditions

Sign Up Close

Candidates are expected to provide most recent and accurate profile information, inappropriate content is strictly prohibited!

Keyskills:   Unix MS SQL Db2 XML Project management Active directory Windows Oracle SDLC Python