Cyber Security & Risk Assessment Specialist

Job Title : Cybersecurity and Risk Assessment Specialist- Location : Bangalore Experience : 5 years Job Description : We are seeking a seasoned Cybersecurity and Risk Assessment Specialist to join our team. In this role, you will conduct comprehensive assessments of vendors related to Cybersecurity, Business Continuity, Artificial Intelligence, and Cloud Service Providers. You will evaluate their information security policies, procedures, and controls with a focus on critical metrics such as Recovery Time Objective (RTO), Recovery Point Objective (RPO), and Maximum Tolerable Downtime (MTD). Key Responsibilities : - Conduct thorough risk assessments across various Information Security domains and frameworks, including NIST, ISO 27001:22, and ISO 42001, with a strong emphasis on security best practices. - Collaborate effectively with internal teams to identify and assess critical vendors, analyzing their potential impact on the organization's cyber risk profile. - Communicate findings and recommendations from risk assessments to key stakeholders, including senior management, legal, and compliance teams. - Work closely with vendors to address identified security gaps, ensuring compliance with organizational cybersecurity requirements such as Multi-Factor Authentication (MFA) and Single Sign-On (SSO). - Utilize strong understanding of technology and information security controls, including Cryptography, Access Control, and Network Security. - Leverage exposure to cloud technologies and cloud security, particularly with AWS, Microsoft Azure, or Google Cloud. Technical Knowledge : - Strong understanding of authentication types, including MFA and SSO. - Knowledge of encryption techniques (e.g., AES, RSA) and key management practices (e.g., AWS KMS). - Proficiency in communication security protocols (e.g., TLS/SSL, IPsec). - Expertise in implementing access controls (e.g., Role-Based Access Control (RBAC), Mandatory Access Control (MAC)). - Familiarity with network security principles (e.g., firewalls, IDS/IPS). - In-depth knowledge of Public Key Infrastructure (PKI) and SSL certificates for secure communication. - Hands-on experience with cryptographic algorithms (e.g., AES, RSA, SHA-256). - Ability to analyze and interpret penetration test reports, focusing on OWASP Top 10 vulnerabilities and tools like Nessus or Burp Suite. - Expertise in Vulnerability Management and data backup/restore strategies, ensuring data integrity and business continuity. Qualifications : - Proven experience in cybersecurity risk management and vendor assessments. - Excellent verbal and written communication skills, with the ability to interact with cross-functional teams and external vendors. - Strong analytical skills and attention to detail. (ref:hirist.tech)

Location: bangalore, IN

Posted Date: 11/22/2024