Overview
Risk Analyst Jobs in Pune, India at Zensar Technologies
Title: Risk Analyst
Company: Zensar Technologies
Location: Pune, India
Type: Full Time
Category: IT/Tech, Security
POSITION SUMMARY:
Individuals within the Information Security role plan, execute, and manage multi-faceted projects related to risk management, mitigation and response, compliance, control assurance, and user awareness. They are focused on developing and driving security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the organization. These individuals provide expertise and assistance to ensure the company’s infrastructure and information assets are protected.
Individuals develop security policies and procedures such as user log-on and authentication rules, security breach escalation procedures, security assessment procedures and use of firewalls and encryption routines. They perform security assessments and security attestations. To enforce security policies and procedures, they monitor data security profiles on all platforms by reviewing security violation reports and investigating security exceptions. They update, maintain, and document security controls and provide direct support to the business and internal IT groups.
These professionals work directly with the customers, third parties and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk. They also communicate and educate IT and the business about security policies and industry standards and provide solutions for enterprise/business security issues.
PRIMARY DUTIES AND RESPONSIBILITIES:
Monitors compliance with security policies, standards, guidelines, and procedures.
Ensures security compliance with legal and regulatory standards.
Participates with team(s) to gather a full understanding of project scope and business requirements.
Maintains awareness of current business processes and their security risks.
Assists in business impact analysis to ensure resources are adequately protected with proper security measures.
Follows up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.
Runs security analysis reports using commercial tools or custom scripts and documents gaps.
Updates and maintains documentation for a global risk framework (a single view of the information security risk profiles and tolerance.)
Captures, maintains, and monitors information security risk in one repository.
Gathers, organizes, and maintains data for reporting.
Assists/performs in security assessments and performs security attestations.
Inspects security logs to uncover possible security violations (e.g., break-ins, unauthorized activity).
Checks existing accounts and data access permission requests against documented authorizations.
Supports the coordination of all IT internal and external assessment components.
Provides responsive support and guidance for problems found during normal working hours as well as outside normal working hours.
Escalates problems as needed.
Works with teams to resolve issues that are uncovered by various internal and third-party monitoring tools.
Gathers and tracks information security metrics.
Generates ad-hoc and routine reports.
Assists in application security risk assessments for new or updated internal or third-party applications.
Provides updates and status of issues to information security teams.
Interfaces regularly with…
