Day-to-day Duties? Here's What You'll Be Doing
- Address security questionnaires (for key information security controls)
- Collaborate with legal to review and redline key information security clauses in the contract review process.
- Develop and maintain audit plans, including scope, objectives, and testing methodology for Customer Audit and Assessment.
- Collaborate with other departments to obtain their responses and update the audit/assessment response.
- Attend customer meetings to walk them through the internal security posture of the organization.
- Document and report audit/assessment/meeting findings and recommendations to the team.
- Address or assist sales teams during the RFP process if customers have information security related questions.
- Manage and improve the security risk posture to keep in-line with current threat landscape, enterprise strategy/initiatives and current regulatory requirements at least annually.
- Act as a subject matter expert and guide during customer and supplier contract negotiations (Procurement or Legal-led negotiations).
- Collaborate with business partners and work cross-functionally with departmental team members to perform security audits.
- Support the internal Third Party Risk Management team in reviewing onboarding requests and annual risk assessments.
- Manage operational effectiveness of security controls, perform root cause analysis on failures, and drive remediation in a continuous improvement process.
- Work with security/technical teams, suppliers, and partners to ensure that appropriate controls are implemented, measured, and improved over time.
- Prepare compliance and risk assessment reports by collecting, analyzing, and summarizing information from walkthroughs, interviews, and systems.
Key Essentials
- Candidate must have 4+ years working in information security.
- At least 1 IT Security certification required (CISSP, CISM, CISA, SANS, Security+, etc.)
- Functional knowledge of the common security domains, industry standards, and best practices.
- Experience with common security and privacy frameworks (e.g., ISO 27001/2, SOX IT Controls, SOC 2 Trust Principles, PCI-DSS, HIPAA, GDPR, NIST 800-53, FedRAMP, CIS18).
- Ability to communicate risk methodologies and concepts to the business unit and IT.
- Demonstrated experience with controls definition, development, implementation, and assessment.
- Demonstrated experience leading and executing security assessments.
- Strong interpersonal skills and ability to work effectively with diverse and distributed teams.
- Strong critical thinking and communication skills (verbal/written).
- Strong attention to detail, project management and organizational skills.
What We Would Like to See
- A pragmatic and professional nature.
- Ability to work proactively, and independently in a fast-paced environment.
- Open-minded, able to share information and transfer knowledge to other teams and Informatica employees.
- A dynamic nature with the ability to adjust to varying environments and cultures. Excited about working with a GRC team that encourages cross-training and occasionally supporting other functions inside the team (supplier trust, key compliance efforts, training, etc.).
- Able to manage multi-task assignments and efficiently prioritize with limited supervision.
- Able to establish and meet deadlines and establish clear priorities quickly.
- Experience in documenting and contributing to the development of security plans, compliance process flows and process creation.