Responsible for managing security control, performing risk assessment, incident management, vulnerability management.
Study customer network architecture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risks.
Review security status with account team on a regular basis that includes the review of risk, issue, incident and outstanding activities, current and planned changes with respect to different offshore development centres.
Evaluate security technology to customer policy & standard.
Provide security consultancy services on a need basis to assist customers with IT security & architecture.
Responsible for HIPAA regulatory control implementation and audits.
Responsible for ISO 27001 audits & control implementation.
Security Assets inventory
Oversight of Firewall Rules
Oversight of Patch management
Oversight of Malware & Antivirus management.
Weekly report to the client for value adds findings and recommendation plan.
Monthly scanning of client subnets for Vulnerabilities. Follow-ups for remediation.
Monitoring & escalation of email server for SPAM and inappropriate emails.
Monthly meeting/coordination with data and application owner for issues/query.
Coordination with business and support group for process improvement/review.
Single point of contact for any escalation for security issues.
3-5 years of experience