דרושים Analyst - System Administration Support ב-Bank Of America ב-India, Chennai

Process Overview*

Global Information Security (GIS) functions by analyzing, researching, improving, defining, implementing, and executing information security processes defined, in large part, by past high profile audit issues. Key responsibilities include Data Quality management of closed manually identified P2 vulnerabilities, developing an understanding of the LOBs that report vulnerabilities via manual flat file to GIS, following standard practices and procedures in analyzing situations or data, and supporting team members in performing specialized GIS functions, primarily Data Quality assurance. Job expectations include partnering with teams inside, and outside, of GIS, inclusive of GIS, CTI, EET, APS&E, GT Risk, and others.

Responsibilities*

• Responsible for the development and execution of the vulnerability identification technology strategy
• Hands on proof-of-concept testing of next generation Vulnerability identification technologies
• Deliver routine Project progress updates to Senior Executive Leadership
• Responsible for vulnerability scanning platforms optimization and resiliency
• Responsible for the mapping of vulnerability identification gaps with remedial technology solutions
• Maintain relationships with Vulnerability Management Solutions Providers and Technology implementation partners
• Responsible for Technology-based thematic issue tracking, resolution, and reporting
• Key participants to Vulnerability Identification Incident Management & Response.
• Provide technical guidance and mentorship to team members

Requirements*

Bachelor’s and/or master’s degree in computer science, Information Technology or related field

Certifications (If Any) :Qualys VMDR preferred, Relevant certifications such as CISSP, CISM, ISO 27001, NIST is a plus

8+ Years

Foundational Skills:

• Hands-on technical experience deploying an Industry-leading Vulnerability Identification Scanning Solution(s) (Qualys and Tenable)
• Working knowledge of Network architecture and Engineering concepts
• Experience with deploying and managing cloud-based Vulnerability scanning solutions
• Superior sense of urgency and ability to accurately prioritize deliverables
• Good written and verbal communication Skills

Desired Skills:

• BS or MS in Information technology/security or related areas of study
• Experience with establishing and maintaining integration between Vulnerability identification tools and Vulnerability Management Workflows (e.g. ServiceNow)
• Familiarity with mainstream attacker techniques, tactics, and procedures (i.e. MITRE ATT&CK Framework)
• Experience with deploying and managing Cloud-based Vulnerability scanning solutions
• Familiarity with compliance regulations, frameworks, and certifications (e.g., NIST, FFIEC.)
• Experience with Vulnerability ratings methodologies
• Background in Windows & UNIX platform Administration
• Experience with a scripting language(s)

Work Timings* :1:30 PM - 10:30 PM

: Chennai, Hyderabad

Process Overview*

Global Information Security (GIS) functions by analyzing, researching, improving, defining, implementing, and executing information security processes defined, in large part, by past high profile audit issues. Key responsibilities include Data Quality management of closed manually identified P2 vulnerabilities, developing an understanding of the LOBs that report vulnerabilities via manual flat file to GIS, following standard practices and procedures in analyzing situations or data, and supporting team members in performing specialized GIS functions, primarily Data Quality assurance. Job expectations include partnering with teams inside, and outside, of GIS, inclusive of GIS, CTI, EET, APS&E, GT Risk, and others.

Job Description*

This job is responsible for supporting Global Information Security (GIS) functions by analyzing, researching, improving, defining, implementing, and executing information security processes defined, in large part, by past high profile audit issues. Key responsibilities include Data Quality management of closed manually identified P2 vulnerabilities, developing an understanding of the LOBs that report vulnerabilities via manual flat file to GIS, following standard practices and procedures in analyzing situations or data, and supporting team members in performing specialized GIS functions, primarily Data Quality assurance. Job expectations include partnering with teams inside, and outside, of GIS, inclusive of GIS, CTI, EET, APS&E, GT Risk, and others.

Responsibilities*

• Actively leads, executes, and managed weekly Data Quality activities required by audit issue sustainability.
• Supports activities requiring Global Information Security (GIS) engagement and facilitating problem resolution for cyber security related issues
  Supports adherence to appropriate risk tolerance levels, operating in accordance with defined information security policies to protect against threats to data confidentiality, integrity, and availability.
  
• Engages with peer GIS report and application development teams, vulnerability identification/scanning, and vendor support teams.
• Interprets the information security requirements outlined in polices, standards, and procedures and reinforces requirements through education and awareness.
  Engages with key stakeholders in GIS, Core Technology Infrastructure, APS&E, EET, and GT Risk as/when needed.
• Ensures CIO partners are evaluating the right set of un-scannable CVE vulnerabilities utilizing the expected set of GIS rated P2 CVEs.
• Manages a small set of simply SPI metrics monthly.

Requirements*

Education* :B.E. / B Tech / M.E. / M Tech / MCA / M.Sc.

Certifications (If Any)* :ISO 27001 LA, Ethical Hacking

8 -10 Years

Foundational Skills*

• Remediation Evidence Validation
• Vulnerability Management / Assessment
• Understands CVE Vulnerability Data
• Vendor Management
• Leads Meetings / Coordinates across Stakeholders
• Controls Management
• Product Version Interpretation
• NVD / NIST / Discovery / CMDB Remedy / other SOR tool usage
• Visio Flowcharting
• Data Governance
• Risk Management
• Business Acumen
• Cyber Security
• Advisory

Desired Skills*

• Knowledge in Vulnerability Assessment
• Vulnerability Remediation
• Strong Technical knowledge

Work Timings* :1:30 PM – 10:30 PM

: HYD, CHE

Process Overview*

Global Information Security (GIS) functions by analyzing, researching, improving, defining, implementing, and executing information security processes defined, in large part, by past high profile audit issues. Key responsibilities include Data Quality management of closed manually identified P2 vulnerabilities, developing an understanding of the LOBs that report vulnerabilities via manual flat file to GIS, following standard practices and procedures in analyzing situations or data, and supporting team members in performing specialized GIS functions, primarily Data Quality assurance. Job expectations include partnering with teams inside, and outside, of GIS, inclusive of GIS, CTI, EET, APS&E, GT Risk, and others.

Job Description*

This job is responsible for supporting Global Information Security (GIS) functions by analyzing, researching, improving, defining, implementing, and executing information security processes defined, in large part, by past high profile audit issues. Key responsibilities include Data Quality management of closed manually identified P2 vulnerabilities, developing an understanding of the LOBs that report vulnerabilities via manual flat file to GIS, following standard practices and procedures in analyzing situations or data, and supporting team members in performing specialized GIS functions, primarily Data Quality assurance. Job expectations include partnering with teams inside, and outside, of GIS, inclusive of GIS, CTI, EET, APS&E, GT Risk, and others.

Responsibilities*

• Actively leads, executes, and managed weekly Data Quality activities required by audit issue sustainability.
• Supports activities requiring Global Information Security (GIS) engagement and facilitating problem resolution for cyber security related issues
  Supports adherence to appropriate risk tolerance levels, operating in accordance with defined information security policies to protect against threats to data confidentiality, integrity, and availability.
  
• Engages with peer GIS report and application development teams, vulnerability identification/scanning, and vendor support teams.
• Interprets the information security requirements outlined in polices, standards, and procedures and reinforces requirements through education and awareness.
  Engages with key stakeholders in GIS, Core Technology Infrastructure, APS&E, EET, and GT Risk as/when needed.
• Ensures CIO partners are evaluating the right set of un-scannable CVE vulnerabilities utilizing the expected set of GIS rated P2 CVEs.
• Manages a small set of simply SPI metrics monthly.

Requirements*

Education* :B.E. / B Tech / M.E. / M Tech / MCA / M.Sc.

Certifications (If Any)* :ISO 27001 LA, Ethical Hacking

8 -10 Years

Foundational Skills*

• Remediation Evidence Validation
• Vulnerability Management / Assessment
• Understands CVE Vulnerability Data
• Vendor Management
• Leads Meetings / Coordinates across Stakeholders
• Controls Management
• Product Version Interpretation
• NVD / NIST / Discovery / CMDB Remedy / other SOR tool usage
• Visio Flowcharting
• Data Governance
• Risk Management
• Business Acumen
• Cyber Security
• Advisory

Desired Skills*

• Knowledge in Vulnerability Assessment
• Vulnerability Remediation
• Strong Technical knowledge

Work Timings* :1:30 PM – 10:30 PM

: HYD, CHE

Responsibilities*

• Facilitate Scrum Events (Daily Stand-ups, Sprint Planning, Sprint reviews and Retrospectives)
• Bridging Communications between Agile teams and business stakeholders
• Balance team capacity with business priorities, ensuring both productivity and quality.
• Remove impediments to the team’s progress, escalating issues where necessary.
• Foster collaborative environment focused on continuous environment.
• Collaborating with peers and business units in a team-focused environment
• Communicate effectively with Stakeholders, business teams and cross functional teams.
• Identify, track, and mitigate Project Risks
• Escalate Major issues and manage resolution plans.
• Produce Regular Project status reports (Progress, Roadblocks and Achievements) for Leadership
• Translate Agile outputs into executive level reports and stakeholder updates.
• Ensuring compliance with Project governance, change management and documentation standards.

Requirements*

Education* -Bachelor’s degree in IT Discipline

Certifications If Any* -Any security certifications, Certified Scrum Master (CSM), PMI-ACP, PMP or equivalent would be a plus.

6-8 Years

Foundational skills*

• Experience in Project Management
• Proficient in Project tracking Tools (e.g., Jira, Confluence, ServiceNow)
• Scrum master
• Experience in Stakeholder management
• Experience in Front end development
• Familiarity with Network Security & Cloud concepts
• Familiarity with DevOps or CI/CD environments
• A broad knowledge of Information security principles
• Deep understanding of Agile/Scrum frameworks and SDLC Concepts
• Understanding of Risk management, Governance and Compliance Methodologies
• Understanding of IT Infrastructure and Security implications
• Strong skills in Stakeholder management, change management support and Reporting.
• Familiarity with Network Security / Cloud Network Security concepts
• Strong Analytical and Problem-Solving Skills
• Strong Leadership, facilitation, and conflict resolution skills
• Excellent verbal and written communications skills.
• Good presentation and documentation skills.

Desired skills*

• Basic knowledge in scripting and System Integration Concepts
• Basic Splunk knowledge (SIEM Tools)
• Project Governance knowledge
• Familiarity with Front-End development and business analysis concepts is a plus.
• Risk and Stakeholder Management Expertise
• Excellent interpersonal and stakeholder management abilities
• Familiarity with and basic understanding of basic network fundamentals, like OSI model, TCP/IP model NAC concepts etc.

Work Timings* -12:30 PM to 09:30 PM

HYD, CHE

Responsibilities

• Independent Contributor who can work independently and be a value add to the team and requires very less handholding
• Ability to work with Senior Management team and provide support to their requests
• Able to multi-task and work effectively across multiple tasks
• Strong in Microsoft Office suite skills, particularly with Excel
• Demonstrated experience with performing analytics on large data sets and summarizing the data into a succinct communication for SLT consumption
• Lead or assist project management oversight for key initiatives
• Create “world class presentation” for the Executive Management (in Weekly/monthly/town halls/off-site/leadership meetings)
• Partner with HR/Staffing on people related metrics
• Establish strong working relationships with all business partners through the organization
• Manage and facilitate meetings with stakeholders. Articulate variances and collaborate with stakeholders to produce and execute mitigation plans.
• Strong communications skills and ability to effectively communicate with DH Spocs and be able to follow up and get closure on timebound activities
• Highly committed and ability to work in fast paced environment against tight deadlines
• Positive attitude to resolve problems and ability to work odd hours to support the business demands

Requirements

Education-Graduate / Postgraduate

Certifications if any- NA

- 10-15 Years

Foundational skills

• Able to learn quickly, including learning systems, and produce results
• Strong in Microsoft Office suite skills, particularly with Excel – ability to code
• Expertise in SharePoint. Ability to work with Excel is a must.
• Able to lead projects to completion with minimal management oversight.

Desired skills

• Strong analytical skills
• A proactive approach to problem solving and think innovatively
• Able to communicate in a clear, concise manner
• Able to multi-task and work effectively across multiple organizational units
• A self-starter with ambition and drive and exhibits ability to proactively follow up and get results
• Strong oral and written language skills
• Relationship management skills
• Process Re-engineering skills
• Ability to work with individuals at all levels within organization
• Excellent communication skills
• Highly committed and ability to work in fast paced environment against tight deadlines
• Ability to work in international virtual teams and in matrix structures and being a good team player
• Interested in contributing to the organization and who is achievement, goal and impact-oriented
• Of high integrity, energy and has strong interpersonal skills
• Self-directed, detail oriented, organized, and exercises good judgment
• Positive attitude to resolve problems and ability to work odd hours to support the business demands

Work Timings- 11:00 AM to 8:00 PM

Mumbai/Chennai/Hyderabad

Process Overview*

Global Information Security (GIS) functions by analyzing, researching, improving, defining, implementing, and executing information security processes defined, in large part, by past high profile audit issues. Key responsibilities include Data Quality management of closed manually identified P2 vulnerabilities, developing an understanding of the LOBs that report vulnerabilities via manual flat file to GIS, following standard practices and procedures in analyzing situations or data, and supporting team members in performing specialized GIS functions, primarily Data Quality assurance. Job expectations include partnering with teams inside, and outside, of GIS, inclusive of GIS, CTI, EET, APS&E, GT Risk, and others.

Responsibilities*

• Vulnerability Management
• NVD / NIST / Discovery / CMDB Remedy / other SOR tool usage
• Visio Flowcharting
• Product Version Interpretation
• Understands CVE Vulnerability Data
• Leads Meetings / Coordinates across Stakeholders
• Controls Management
• Data Governance
• Risk Management

Requirements*

Education* :B.E. / B Tech / M.E. / M Tech / MCA / M.Sc.,

Certifications (If Any) :ISO 27001 LA, Ethical Hacking

8+ Years

Foundational Skills:

• Experience in Vulnerability Management/Assessment
• Experience in Product Version Interpretation
• Strong understanding of CVE/CSS/CWE
• Understanding of Stakeholder Engagements
• Understanding of Compliance and Governance
• Experience in Information Security Management
• Experience in Governance, Risk & Compliance
• Excellent written/verbal communication skills

Desired Skills:

• Knowledge in Vulnerability Assessment
• Vulnerability Remediation
• Strong Technical knowledge

Work Timings* :1:30 PM - 10:30 PM

: Chennai, Hyderabad