Security Analyst Graduate Experience Jobs in Pune

Job description:Job Title: Senior IT Security AnalystLocation: Pune, IndiaExperience: 8-13 YearsEmployment Type: Full-Time

We are looking for a Senior Security Analyst with 8 to 13 years of experience to join our team in Pune, India. The ideal candidate will be responsible for enhancing our security posture and protecting our systems from potential threats.Key Responsibilities:- **Threat Analysis:** Analyze and identify potential security threats to our systems, ensuring proactive measures are taken to mitigate risks.- **Security Policy Development:** Develop and implement security policies and procedures to ensure compliance with regulations and best practices.- **Incident Response:** Respond to security incidents, investigating breaches and providing recommendations for improvement to prevent future occurrences.- **Security Audits:** Conduct regular security audits and vulnerability assessments to identify weaknesses in our infrastructure and recommend solutions.- **Team Collaboration:** Work closely with IT teams and other departments to design and implement security solutions that support business objectives.Required Skills and Expectations:Candidates must have a strong understanding of information security principles and technologies. Experience with security tools, incident response, and risk management is crucial. In addition, excellent problem-solving and analytical skills are required. The ideal candidate should be able to communicate effectively with technical and non-technical stakeholders, providing clear insights into security issues and strategies. A graduate degree in a related field is necessary, and relevant security certifications will be an advantage.

Third Party Governance Role: . Vendor Risk Identification and Analysis: Revise the Vendor Risk Assessment Playbook, Process, and Procedures to ensure they're up-to-date with industry practices. Construct a risk assessment plan using a standardized approach to minimize the bank's exposure to third-party vendor risks. b. Third Party Cyber Risk Assessments: Analyse third-party cyber risk assessment documents and procedures to ensure comprehensive risk management. Continually monitor and adapt to new risks, ensuring that assessment strategies are proactive. c. Tools, Measurement, and Analysis: Scrutinize and validate cyber tools and create test cases to assess the effectiveness of third-party cyber risk tools. Optimize the use of JIRA for improved tracking and management of cyber assessments. d. Program Governance Cyber PMO: Establish a Cyber Program Management Office to oversee and align cyber risk projects with organizational goals. Provide ongoing support for cyber risk initiatives and ensure effective communication among all stakeholders. Vendor Risk Assessment and Mitigation 1. Walkthroughs and Understanding: Conducting in-depth sessions with application owners to comprehend the application architecture, services provided, and IT processes involved. 2. Assessment Scope and Connectivity: Defining the scope of the assessment and identifying how vendor services connect with the organizations existing architecture. 3. Questionnaire Distribution and Assistance: Tailoring assessment questionnaires based on vendor service applicability and facilitating stakeholders in completing them. 4. Evidence Review and Follow-ups: Reviewing the evidence provided by stakeholders and conducting follow-up meetings for clarification and understanding of responses. 5. Gap Analysis and Validation: Analysing the questionnaires to identify gaps and conducting validation sessions with stakeholders on the findings. 6. Risk Assessment Reporting: Compiling

2 to 4 years of experience in implementing IAM engagement including design, development, and application support (SailPoint IIQ)Good hands-on experience on IAM reporting with SQL server as back end.Good hands-on experience on Privileged Account Inventory(PAI) with SQL server as back end.Customize, configure, and develop IAM solution integration.Deep understanding and hands-on experience on working implementation of SailPoint components like Workflows (both ootb and custom) Tasks (both custom and ootb) Identity model of the product and customization to the same (like custom attributes) Most relevant application connectors SSF Framework SailPoint forms and form elements.Experience on application and user onboarding.Good knowledge of User Access Review.Ability to understand the business requirements for User Access review and implementing them technically in the system to achieve the desired outcomes with minimal changes to the system.Experience on Roles and Entitlement used in IAM solution.Deep understanding of RBAC concepts and understanding of the SailPoint Roles to ensure proper discovery and implementation.Good knowledge of web server and application server.Experience to lead IAM strategy engagement (IAM road map etc.)Good understanding of LDAP concepts and working experience with the directories Experience in using database client tools like Toad, etc.Excellent development coding skills relevant to SailPoint (java beanshell oracle jsf etc.)Experience in using standard protocols like SSH, Telnet, RDP, etc.And related tools like Putty.Should have the ability to understand customer scenario and requirements (may include customized integration situations) and be capable of suggesting solutions.