Cyber Security Senior Analyst - App. Security-Onsite / Bengaluru

Missions

 Performing security aspects of a portfolio of banking service platforms and applications by

implementing / contributing compliance projects to the functional and technical team.

 Assisting functional and technical teams throughout the major evolutions on platforms and applications.

This focus will be a big part of the scope of work and requires understanding of the architecture,

functionalities, and security policies.

 Follow compliance level of Applications adhering to global audit and regulatory programs (ECB Audit, NIST,

GDPR Compliance, NYDFS & SECAIA).

 Improve and maintain the level of security of applications and platforms, in compliance with regulatory

requirement and SG group security criteria.

 Collaborate with application team and technical teams, to deploy, troubleshoot and maintain required

security solutions with compliancy to security criteria.

 Responsible for report preparation on BAU, key programs and maintain a good level of communication

with different stakeholders of the projects.

 Plan, organize and insure follow up actions and action plans, therefore being autonomous is a must for

this role.

 Independently perform Application Security Assessment (ASA), Security control assessment and provide

security recommendations.

 Perform risk review and work on derogation / / ad-hoc request validations. Also maintain risk acceptance

documents as per the group guidelines.

 Drive Secure by design throughout SDLC of the applications.

 Demonstrate and train teams on Secure by design and latest security technologies.

Profile Required

 3 to 6 years of experience in the field of IT security with good Expertise and Knowledge in information

security.

 Able to understand architecture issues in order to develop security policies or relevant recommendations

on applications and projects. Also, should be able to discuss on an equal footing with the community of

architects and project managers of the applications concerned.

 Good knowledge on SDLC and hands-on experience in Security Environments and activities.

 Knowledge on Application Security / Vulnerability Management / Cloud Security / Thread modeling.

 Awareness of digital technologies and understanding of functional domain and business processes.

 Good in identifying & proposing process improvements, documentation preparation and consolidation on

process / technical subject related to Security.

 Knowledge on Cloud and network Security, IAM, Data encryption, SIEM.

 Understanding on regulatory programs like GDPR, NYDFS, SCHREMS, DORA etc...

 Knowledge on Cloud, Infra, Firewalls, Routers and Wifi

 Exposure to JAVA, API, ASP.Net, Spark, Python, react.js languages and technologies respectively.

 Exposer on security Tools – Qualys, Nessus, Nmap, Burp suite, SonarQube, netspaker, OWSAP, Open-

Source tool for Security Tests.

 Proper Work Ethics, Adaptability, Interpersonal skills and Problem-Solving Capabilities.

Mandatory Skills

• Application Security / Vulnerability assessment and penetration testing / Risk Management / Cloud Security /

API Security / Vulnerability management / DevSecOps

influence others.