Expoint - all jobs in one place

The point where experts and best companies meet

Limitless High-tech career opportunities - Expoint

Informatica Sr Information Security Analyst 
India, Karnataka, Bengaluru 
631499672

04.08.2024
Job Number 37316
Bangalore, Karnataka IN
Experience Level: Mid-Senior Level
Travel Requirement:

Day-to-day Duties? Here's What You'll Be Doing

  • Address security questionnaires (for key information security controls)
  • Collaborated with legal to review and redline key information security clauses in the contract review process.
  • Develop and maintain audit plans, including scope, objectives, and testing methodology for Customer Audit and Assessment.
  • Collaborate with other departments to ensure get the response and update the audit/assessment response.
  • Attend customer meetings to walk them through the internal security posture of the organization.
  • Document and report audit/assessment/meeting findings and recommendations to the team.
  • Address or assist sales teams during the RFP process if customers have information security related questions.
  • Manage and improve the security risk posture to keep in-line with current threat landscape, enterprise strategy/initiatives and current regulatory requirements at least annually.
  • Act as a subject matter expert and guide during customer and supplier contract negotiations (Procurement or Legal-led negotiations).
  • Collaborate with business partners and work cross-functionally with departmental team members to perform Security Audits
  • Support the internal Third Party Risk Management team in reviewing the onboarding request, annual risk assessments
  • Manage operational effectiveness of security controls, perform root cause analysis on failures, and drive remediation in a continuous improvement process.
  • Work with security/technical teams, suppliers, and partners to ensure that appropriate controls are implemented, measured, and improved over time.
  • Prepare compliance and risk assessment reports by collecting, analyzing, and summarizing information from walkthroughs, interviews, and systems.

Key Essentials

  • Candidate must have 4+ years working in information security.
  • At least 1 IT Security certification required (CISSP, CISM, CISA, SANS, Security+, etc.)
  • Functional knowledge of the common security domains, industry standards, and best practices.
  • Experience with common security and privacy frameworks (i.e., ISO 27001/2, SOX IT Controls, SOC2 Trust Principles, PCI-DSS, HIPAA, GDPR, NIST 800-53, FedRAMP, CIS18).
  • Ability to communicate risk methodologies and concepts to the business unit and IT.
  • Demonstrated experience with controls definition, development, implementation, and assessment.
  • Demonstrated experience leading and executing security assessments.
  • Strong interpersonal skills and ability to work effectively with diverse and distributed teams.
  • Strong critical thinking and communication skills (verbal/written).
  • Strong attention to detail, project management and organizational skills.

What We would Like to See

  • A pragmatic and professional nature.
  • Ability to work proactively, and independently in a fast-paced environment.
  • Open minded, able to share information, transfer knowledge to other team and Informatica employees.
  • A dynamic nature with the ability to adjust to varying environments and cultures. Excited about working with a GRC team that encourages cross-training and occasionally supporting other functions inside the team (supplier trust, key compliance efforts, training, etc.)
  • Able to manage multi-task assignments and efficiently prioritize with limited supervision.
  • Able to establish and meet deadlines and establish clear priorities quickly.
  • Experience in documenting and contributing to the development of security plans, compliance process flows and process creation.