IT Security Consultant - Network Devices/information Security

Negocios IT Solutions (P) LTD
  • Chennai
  • 10-15 lakh
  • 4-8 years
  • 23 Feb 2015

  • IT/ Information Technology

  • IT/ Technology - Software/ Services
Job Description

Main Skills are Communication

- Knowledge in Information Security

- Network devices (Firewall, Routers, etc.)

- Information Security Audit

- Patch / Vulnerability Management

- Attitude

- Vendor Management

- IT Service Management / ITIL

- Current security vulnerabilities knowledge

Skills required in position:

Technical Skills:

- Exp :- 5+ years

- Microsoft Office (Word, Excel, Powerpoint, Visio)

- Project Management Methodologies (PRINCE2)

- ISMS, ISO 27001 - Controls

- ITSM, ISO 20000, ITIL Process knowledge

- BCP/DRP - best practices

- Basic functions of devices - switches, routers, firewall, IDS, IPS, etc.,

- Risk Management methodologies

- Security audit process knowledge

- Vendor management

- IT Governance and Compliance, etc.

Organisational skills:

- Strong Analytical and Problem Solving skills

- High level communication and collaboration skills

- Risk Analysis and Management

- Ability to react to a changing environment

Personal skills:

- Proactive

- Detail-oriented

- Ability to influence and persuade

- Multi-tasking

- Integrity and trust

- Self-starter and Willing to learn, etc.

Roles & Responsibilities:

- Handling Projects aligning with PRINCE2 methodologies

- Ensuring hosting vendors to comply with APMM Information security policies

- CSI to standardize and stabilize the process.

- Ensure to follow ITIL framework for information security management processes

Specified Description for position:

Main responsibilities:

- Schedule, organise, prepare and conduct weekly security operational calls with hosting vendors.

- Follow globally accepted project management methodologies while handling projects - EDEN - Security tower (e.g. PRINCE2, PEX tools, MAERSK Model)

- Apply adequate security controls/countermeasures wherever appropriate.

- Gather adequate knowledge about the current practices in place in all security processes (e.g., security plan, security handbook, access management, risk management, etc.)

- Provide security advices/suggestions to Prime Movers/Project Managers during non-compliance of APMM Information security policy against business requirements.

- Reach appropriate stakeholders to escalate and receive approvals for Information security exceptions from time to time.

- Develop a tool to measure the performance (delivery) of security management process.

- Actively involve, participate and close open security audit findings.

- Update all evidence for audit closure in ML Audit forum sharepoint portal.

- Overall act as a SPOC for all security related processes (e.g., Foundstone scan, anti-virus (ePO) process, 3rd party security audit process, system access request, data sourcing, CRB Domain ID creation, revoking unjustifiable access, etc.)

- Keep a track of all approved system access requests; after expiry date which can be used a reference to revoke the access granted.

- Maintain an excellent professional relationship with security management professionals/focal of hosting vendors.

Learning Opportunities in position:

- To know the various tactical plans to handle security vulnerabilities.

- To improve vendor management skills.

- To update your knowledge in current best practices for security management processes.

Job Posted By

About Organisation

Negocios IT Solutions (P) LTD