Latest jobs / Securities TradingAudit
https://indigojobs.in/
IndigoJobs29-03-2024<h4>Job Description</h4>Aurex Inc, is looking for a GRC consultant role. As an integral member of the GRC Implementation team, the responsibility of the GRC Consultant is to carry out the implementation of GRC system for our customers related to policy compliance, security requirements governance, as well as risk management. The ideal candidate will have knowledge of risk management, security and privacy practices and be an effective communicator, both written and verbal. Responsibilities Develop and participate in the implementation of client initiatives focused on the reduction of technology risk, governance, and compliance to policies and external regulatory compliance. Evaluating business and IT risks Developing IT security standards, procedures, and controls to manage risks. Improve client security positioning through process improvement, policy, automation, and the continuous evolution of capabilities. Evaluation of information security threats and their impact on clients" IT environment . Supporting the Senior team members, assisting with the analysis of requirements and design of clients information security posture, as well as Legal, Regulatory, and Scheme security requirements. Supporting the senior team members in the delivery of work streams for clients in compliance standards such as PCI DSS, ISO27001, EU GDPR, and Bahrain PDPL and incident management disciplines. Performing and investigating internal and external information security risk and exception assessments. Assessing incidents, vulnerability management, scans, patching status, secure baselines, penetration test results, phishing, and social engineering tests and attacks. Documenting and reporting control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities. Staying current on best practices and technological advancements and acting as a technical resource for security assessment and regulatory compliance. Performing other related duties as assigned from time to time-based on the business requirements. Qualification 3- 5 years experience in IT Governance, Risk & Compliance Understanding of ISO 27001, PCI DSS, ITIL, ITSM, and COBIT standards preferred Experience with risk management principles and associated methodologies Ideally will have a CEH, CISSP, CISA, or CISM qualification. Proven ability to make sound pragmatic decisions and judgments under tight timelines. Strong interpersonal and influencing skills with the ability to influence and drive change in a collaborative way both internally and externally. <h4>Employement Category:</h4><b>Employement Type: </b>Full time</br><b>Industry: </b>Others </br><b>Role Category: </b>Securities TradingAudit </br><b>Functional Area: </b>Not Applicable</br><b>Role/Responsibilies: </b>GRC Consultant<br /><br /><a href="https://indigojobs.in/job/629233/grc-consultant-at-symphoni-hr/">Apply</a><br />
https://indigojobs.in/job/629233/grc-consultant-at-symphoni-hr/
[Full Time] GRC Consultant at Symphoni HRFri, 01 Mar 2024 15:07:38 +0530<h4>Job Description</h4>Working in Information Security Management, you'll design and implement processes and tools that safeguard the firm's computing environment. Creating action plans, mitigating risks, and resolving control issues, you'll gain key insight into today's complex risk and regulatory landscape. Working with our cybersecurity team, youll be at the forefront of innovation designed to strengthen our operations. Additionally, you'll have the chance to participate in steering committees, promote IT security awareness across the firm, advise and support business security risk and control activities, and drive your career in any direction you choose. This role requires a wide variety of strengths and capabilities, including: Bachelors degree or equivalent experience Advanced knowledge of multiple IT control and project management practices, plus experience working across large environments Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish. common goals Expertise in application and infrastructure high-availability and resiliency architectures Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management, and data protection<h4>Employement Category:</h4><b>Employement Type: </b>Full time</br><b>Industry: </b>Others </br><b>Role Category: </b>Securities TradingAudit </br><b>Functional Area: </b>Not Applicable</br><b>Role/Responsibilies: </b>Information Security Mgmt- Technology Risk and<br /><br /><a href="https://indigojobs.in/job/629230/information-security-mgmt-technology-risk-at-symphoni-hr/">Apply</a><br />
https://indigojobs.in/job/629230/information-security-mgmt-technology-risk-at-symphoni-hr/
[Full Time] Information Security Mgmt- Technology Risk at Symphoni HRFri, 01 Mar 2024 10:04:24 +0530<h4>Job Description</h4>Company Description ValuEnable is an InsureTech company which offers multi-stack enterprise solution to Life Insurance companies in India to collaborate and deliver superior customer service and achieve higher business retention. Our solution includes the Content and Delivery Stack, Policy Loan Marketplace, and Policy Assignment Platform. We are led by founders with years of deep industry experience and are supported by Rainmatter Fintech Investments and a group of angels. Role Description This is a full-time on-site role located in Mumbai for a Principal in Information Security & Compliance/Governance. The Principal will be responsible for ensuring that ValuEnable's enterprise solution complies with information security regulations and enforces compliance and security policies to ensure compliance with industry standards and regulatory requirements and clients InfoSec objectives. The Principal will also monitor the company's risk and provide recommendations to senior. management. Qualifications Bachelor's degree in Information Systems, Computer Science, or a related field 8+ years of experience in information security and compliance Deep knowledge of information security standards, regulations, and best practices Experience with security and risk management frameworks, such as ISO 27001, CIS Critical Security Controls, and NIST Cybersecurity Framework Experience with auditing and assessing compliance for enterprise systems and third-party vendors Excellent communication and collaboration skills Strong analytical and problem-solving skills Key Responsibilities 1) Control Framework Management: Develop, implement, and maintain a robust IT and InfoSec control framework. Regularly assess and update controls to mitigate risks and enhance security posture. Compliance and Regulatory 2) Governance: Ensure compliance with relevant industry standards and regulatory requirements. Stay abreast of changes in regulations and implement necessary controls to address new requirements and inculcate automated control reports of severe risk controls 3) Risk Assessment: Conduct regular risk assessments to identify and prioritise potential threats. Collaborate with cross-functional teams to develop and implement risk mitigation strategies. 4) Incident Response: Lead the development and maintenance of an effective incident response plan. Coordinate with internal teams to respond to and recover from security incidents. Policy Development and Enforcement: Develop and update IT and InfoSec policies in line with industry best practices. Enforce compliance with policies through regular audits and training programs. 5) Change Management: Develop and implement effective change management processes for IT and InfoSec controls. Ensure that changes to systems, processes, and policies are assessed for security implications and comply with established controls. 6) Vendor Risk Management: Evaluate and manage risks associated with third-party vendors. Work closely with procurement and legal teams to ensure vendors meet security requirements. Interested candidate can write to <em class="true-italic">hidden_email</em> and <em class="true-italic">hidden_email</em>, along with your latest resume, earliest data of joining. Regards, ValuEnable<h4>Employement Category:</h4><b>Employement Type: </b>Full time</br><b>Industry: </b>Others </br><b>Role Category: </b>Securities TradingAudit </br><b>Functional Area: </b>Not Applicable</br><b>Role/Responsibilies: </b>Principal - Information Security &<br /><br /><a href="https://indigojobs.in/job/629232/principal-information-security-at-symphoni-hr/">Apply</a><br />
https://indigojobs.in/job/629232/principal-information-security-at-symphoni-hr/
[Full Time] Principal - Information Security & at Symphoni HRFri, 01 Mar 2024 01:03:52 +0530<h4>Job Description</h4>Hiranandani Financial Services is seeking a dynamic and experienced professional to join our team as the Information Security Officer. The successful candidate will be responsible for developing and implementing robust information security strategies to safeguard the organization's assets, data, and systems. Reporting directly to the Chief Risk Officer, the Lead CISO will play a critical role in ensuring the confidentiality, integrity, and availability of information across the organization. Key Responsibilities: -------------------------- 1. Information Security Strategy: Develop and implement a comprehensive information security strategy aligned with business objectives and regulatory requirements. Provide strategic direction and guidance on information security policies, standards, and procedures. 2. Risk Management: Conduct regular risk assessments to identify and mitigate potential security threats and vulnerabilities on our information systems/ applications/ other. utilities. Collaborate with cross-functional teams to assess and manage information security risks effectively. 3. Security Architecture and Design: Define and maintain a robust security architecture that aligns with industry best practices. Work closely with IT teams to integrate security measures into the overall system architecture. 4. Incident Response and Management: Establish and lead an incident response team to address and mitigate security incidents promptly. Develop and maintain an incident response plan, ensuring the organization's readiness to handle security breaches. 5. Compliance and Regulatory Affairs: Ensure compliance with relevant laws, regulations, and industry standards. Stay informed about changes in the regulatory environment and update security policies accordingly. 6. Security Awareness and Training: Implement a comprehensive security awareness program to educate employees about security policies and best practices. Conduct regular sessions to enhance the overall security awareness within the organization. 7. Vendor Security Management: Evaluate and manage the security posture of third-party vendors and partners. Implement and enforce security controls in vendor contracts to mitigate risks. 8. Security Metrics and Reporting: Define key performance indicators (KPIs) and metrics to measure the effectiveness of the information security program. Provide regular reports to senior management on the status of information security initiatives. Qualifications and Experience: ------------------------------------ Bachelor's degree in Information Security, Computer Science, or a related field; Masters degree preferred. Proven experience in a leadership/Managerial role within information security, with a minimum of 7 years of relevant experience. Strong understanding of financial services/lending business and regulatory requirements in the information security domain. Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels. Technically sound and certifies with technical pedigree of aptitude skills<h4>Employement Category:</h4><b>Employement Type: </b>Full time</br><b>Industry: </b>Financial Services </br><b>Role Category: </b>Securities TradingAudit </br><b>Functional Area: </b>Not Applicable</br><b>Role/Responsibilies: </b>Information Security Officer - Powai<br /><br /><a href="https://indigojobs.in/job/629231/information-security-officer-powai-at-symphoni-hr/">Apply</a><br />
https://indigojobs.in/job/629231/information-security-officer-powai-at-symphoni-hr/
[Full Time] Information Security Officer - Powai at Symphoni HRWed, 28 Feb 2024 12:00:00 +0530<h4>Job Description</h4>:</strong><br />As a Security Champion in the Information Security and Compliance (ISC) team, you will be a key<br />contributor to the organization&#39;s cybersecurity initiatives, ensuring the protection of sensitive information<br />and compliance with relevant regulations. Your role involves collaborating with various teams to champion<br />security best practices, drive awareness, and enhance the overall security posture.<br />Key Responsibilities:<br />1. Security Advocacy and Awareness:<br />- Act as a vocal advocate for security best practices throughout the organization.<br />- Conduct training sessions and awareness programs to educate employees on cybersecurity risks and<br />preventive measures.<br />2. Policy Development and Compliance:<br />- Contribute to the development, review, and enforcement of information security policies and<br />procedures.<br />- Ensure alignment with industry standards and regulatory requirements.<br />3. Risk Assessment and Mitigation:<br />- Collaborate with cross-functional teams to conduct risk assessments for systems, applications, and<br />processes.<br />- Work towards implementing effective risk mitigation strategies.<br />4. Incident Response Coordination:<br />- Participate in incident response activities, providing support and coordination during security incidents.<br />- Contribute to post-incident reviews and implement improvements to incident response processes.<br />5. Security Tool Evaluation:<br />- Assist in the evaluation, selection, and deployment of security tools and technologies.<br />- Collaborate with the technical teams to ensure effective use of security solutions.<br />6. Compliance Audits:<br />- Participate in compliance audits and assessments to ensure adherence to regulatory requirements.<br />- Work with external auditors to provide necessary documentation and evidence.</p> <p><br /><strong>Qualifications:</strong><br />- Bachelors degree in Cybersecurity, Information Technology, or a related field.<br />- Relevant certifications (e.g., CISSP, CISM, CISA)<br />- Proven experience in information security roles, with a focus on security governance and compliance.<br />- Strong understanding of industry regulations and standards (e.g., GDPR, HIPAA, ISO 27001).<br />- Excellent communication and interpersonal skills.<br />- Knowledge of security technologies, tools, and methodologies.<br />- Analytical mindset and the ability to assess and mitigate security risks.<br />- Experience with security incident response and forensic analysis.</p><h4>Employement Category:</h4><b>Employement Type: </b>Full time</br><b>Industry: </b>FinTech </br><b>Role Category: </b>Securities TradingAudit </br><b>Functional Area: </b>Not Applicable</br><b>Role/Responsibilies: </b>Information Security and Compliance<br /><br /><a href="https://indigojobs.in/job/629226/information-security-and-compliance-at-symphoni-hr/">Apply</a><br />
https://indigojobs.in/job/629226/information-security-and-compliance-at-symphoni-hr/
[Full Time] Information Security and Compliance at Symphoni HRTue, 27 Feb 2024 12:00:00 +0530<h4>Job Description</h4>Job Description Working in Information Security Management, you'll design and implement processes and tools that safeguard the firm's computing environment. Creating action plans, mitigating risks, and resolving control issues, you'll gain key insight into today's complex risk and regulatory landscape. Working with our cybersecurity team, youll be at the forefront of innovation designed to strengthen our operations. Additionally, you'll have the chance to participate in steering committees, promote IT security awareness across the firm, advise and support business security risk and control activities, and drive your career in any direction you choose. This role requires a wide variety of strengths and capabilities, including: Bachelors degree or equivalent experience Advanced knowledge of multiple IT control and project management practices, plus experience working across large environments Ability to collaborate with high-performing teams and individuals throughout the firm. to accomplish common goals Expertise in application and infrastructure high-availability and resiliency architectures Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management, and data protection ABOUT US JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the worlds most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management. We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants and employees religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation. About The Team The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firms cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The groups number one priority is to enable the business by keeping the firm safe, stable and resilient. High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment<h4>Employement Category:</h4><b>Employement Type: </b>Full time</br><b>Industry: </b>Financial Services </br><b>Role Category: </b>Securities TradingAudit </br><b>Functional Area: </b>Not Applicable</br><b>Role/Responsibilies: </b>Information Security Mgmt- Technology Risk<br /><br /><a href="https://indigojobs.in/job/629228/information-security-mgmt-technology-risk-at-symphoni-hr/">Apply</a><br />
https://indigojobs.in/job/629228/information-security-mgmt-technology-risk-at-symphoni-hr/
[Full Time] Information Security Mgmt- Technology Risk at Symphoni HRMon, 26 Feb 2024 12:00:00 +0530<h4>Job Description</h4>Vulnerability Assessment skills : Thorough and practical knowledge of OWASP, Hands on experience with popular security tools Nessus, Burpsuite, Netsparker, Metasploit, Nexpose, KALI Linux. Working knowledge of manual testing of web applications. Good knowledge of modifying and compiling exploit code. Hands on experience of working on Windows and Linux Platforms. Penetration Testing Skills : configuration review for network, web application, mobile application and thick-client application, PT of web and mobile applications, cloud penetration testing, Network Penetration Testing etc. Keep oneself updated on the latest IT Security news, exploits, hacks. Prepare Threat Intelligence reports for newly discovered threat agents, exploits, attacks etc. Infra & Network Security Skills : Technical knowledge of Firewall, AD, VPN, Duo, CDN, DDOS, APT, NAC, IPS/IDS, PIM/PAM, Cloud & Container configuration etc. Driving Security at all Perimeter level, Rules & Configuration review of Network. elements i.e. Other Desired technical skills: Working knowledge of CIS Security benchmarks Good understanding and knowledge of codes & Programming languages Has practical experience in auditing various OS, DB, Network and Security technologies Desired Certifications Offensive Security Certified Expert (OSCE) Offensive Security Web expert (OSWE) Offensive Security Wireless Professional (OSWP) Offensive Security Exploitation Expert (OSEE) Certified Information Security Manager(CISM) Certified Information Systems Security Professional(CISSP<h4>Employement Category:</h4><b>Employement Type: </b>Full time</br><b>Industry: </b>Others </br><b>Role Category: </b>Securities TradingAudit </br><b>Functional Area: </b>Not Applicable</br><b>Role/Responsibilies: </b>Senior Information Security Analyst<br /><br /><a href="https://indigojobs.in/job/629227/senior-information-security-analyst-at-symphoni-hr/">Apply</a><br />
https://indigojobs.in/job/629227/senior-information-security-analyst-at-symphoni-hr/
[Full Time] Senior Information Security Analyst at Symphoni HRSun, 25 Feb 2024 12:00:00 +0530<h4>Job Description</h4>Position: INFORMATION SECURITY OFFICER (ISO) We are seeking an experienced and vigilant Information Security Officer (ISO) to join our dynamic team at Wishfin. As an ISO, you will be responsible for establishing and maintaining the enterprise vision, strategy, and programs to ensure information assets and technologies are adequately protected. Key Responsibilities: Risk Management: Identify, assess, and prioritize potential security risks to our systems, data, and networks. Develop and implement strategies to mitigate these risks effectively. Security Policies and Procedures: Develop, implement, and enforce security policies, standards, and procedures to safeguard sensitive information and ensure compliance with relevant regulations (e.g., GDPR, PCI DSS). Incident Response: Lead incident response efforts, including investigation, containment, and resolution of security incidents. Implement measures to prevent future occurrences. Security Awareness Training: Develop and. deliver training programs to educate employees on security best practices, emerging threats, and compliance requirements. Vendor Risk Management: Assess the security posture of third-party vendors and manage vendor relationships to ensure they meet our security standards. Security Architecture: Collaborate with IT and engineering teams to design, implement, and maintain secure architectures for our systems, applications, and networks. Security Audits and Compliance: Conduct regular security audits, assessments, and compliance reviews. Work with internal and external auditors to address findings and ensure continuous compliance with industry standards. Security Monitoring and Incident Detection: Deploy and manage security monitoring tools and technologies to detect and respond to security threats in real-time. Security Governance: Establish and chair a security governance committee to oversee security initiatives, monitor performance, and provide strategic direction to senior leadership. Security Incident Reporting: Prepare and present regular reports on the status of information security to senior management and relevant stakeholders. Must have: Bachelor's degree in Computer Science, Information Technology, EXTC or a related field. Advanced degree or professional certifications (e.g., CISSP, CISM, CISA) are good to have not mandatory. Proven experience 2 years in information security roles, with a focus on risk management, compliance, and incident response in the fintech or financial services industry. knowledge of security frameworks (e.g., ISO 27001, NIST Cybersecurity Framework , Soc 2) and regulatory requirements (e.g., GDPR, PCI DSS, PSD2). Strong understanding of networking, encryption, authentication, and security technologies. Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and articulate complex security concepts to non-technical stakeholders. Analytical mindset with a keen attention to detail and the ability to think critically and strategically about security issues. Proven track record of driving security initiatives, managing security projects, and achieving measurable results. Interested candidates can apply to this job or share updated resume at <em class="true-italic">hidden_email</em> Interested candidates can apply to this job or share updated resume at <em class="true-italic">hidden_email</em><h4>Employement Category:</h4><b>Employement Type: </b>Full time</br><b>Industry: </b>Financial Services </br><b>Role Category: </b>Securities TradingAudit </br><b>Functional Area: </b>Not Applicable</br><b>Role/Responsibilies: </b>Information Security Officer (ISO)<br /><br /><a href="https://indigojobs.in/job/629229/information-security-officer-iso-at-symphoni-hr/">Apply</a><br />
https://indigojobs.in/job/629229/information-security-officer-iso-at-symphoni-hr/
[Full Time] Information Security Officer (ISO) at Symphoni HRSun, 25 Feb 2024 12:00:00 +0530