Infosys

Senior Information Security Engineer

Posted On

April 16, 2024

Location

Bangalore, Karnataka

Experience Level

2 - 6 Years Exp.

Job Type

Permanent

Apply By

July 25, 2024

Job Description

Responsibilities: 11.1 Conduct risk assessments for various business processes to identify and mitigate cyber security risks. 11.2 Assess the effectiveness of risk mitigation measures and identify the residual risk levels, additional control requirements if any. 11.3 Work with different functions within ISG to understand and take up risk specific inputs if any. Ex: Incident trend analysis, analysis of threat feeds, security architecture assessments, vulnerabilities identified by validation group if any. 11.4 Work with policy and compliance team to understand the control failure patterns reported in internal, external audits, compliance assessments and identify the risks. 11.5 Conduct risk assessments for new development centers, overseas locations 11.6 Perform scope validation for Supplier risk assurance program to identify new vendors to be added in scope. 11.7 Conduct supplier due-diligence to identify the cyber security risks before on-boarding the supplier. 11.8 Ensure that the supplier specific risks are tracked for mitigation. 11.9 Categorize and prioritize the suppliers’ basis the service/exposure to Infosys/client information. 11.10 Work with different stakeholders to classify and prioritize the information assets as per the classification schema. 11.11 Identify use cases to enforce the classification schema across different units and assist in criticality based control selection. 11.12 Ensure integrity of the data in IT GRC Modules related to supplier, site specific risk assessments and organization level risk register. 11.13 Monitor the risk dashboard for aging RTP analysis, reassess the accepted risks at least on an annual basis. Educational Requirements Bachelor of Engineering Additional Responsibities: Candidate should also know: Information Security Management System (ISMS) – ISO 27001, 27002 Knowledge of Information security baselines like SOGP, NIST cyber security framework etc. Cyber security risk management standards (Desired): o ISO 27005 Information Security Risk Management Standard o ISO 31000 Risk Management Standard o NIST and ISF Risk Management best practices IRAM (Information Risk Assessment Methodology) from ISF Knowledge of risk scenario development tools, techniques Quantitative and Qualitative risk assessment methodologies (FAIR, IRAM, ISO 31000 etc.) Technical and Professional Requirements: Information security concepts and principles, including confidentiality, integrity and availability of information. Knowledge of Enterprise security architecture (Security technologies, Operating systems, databases, network, applications) Threats and vulnerabilities related to: business processes, emerging technologies, data management, IT operations, third party relations, Critical assets, infrastructure, applications etc.

Jobs at Bangalore

Infosys

Project Manager

8 - 16 Years Exp.

Bangalore, Karnataka

Senior Information Security Engineer Apply Now

Job Description

Jobs at Bangalore

More Jobs at Infosys

Actively Recruiting Companies at Bangalore, Karnataka

Senior Information Security Engineer