Senior Information Security Analyst (IT Risk)

What does the team do?

Opportunity is part of the evolving cyber security group which is laser-focused on setting up industry benchmarks in managing & guarding against digital risks in a “Cloud Native- DevOps Only” environment. It is a lean-mean-special action group where every cyber sentinel gets an opportunity to work across domains, has the independence to challenge the status quo & evolve cyber practices to the next level of maturity. Our core competencies revolve around “Product & Platform security”, “Cloud Native Risk Management” and “Detection & Response”.

What you will be doing?

• Own the technology risk management practice and concentrate efforts on continuous improvement in GRC function aligned to global standards like NIST CSF, ISO 27001, ISO 31000, Cloud Security Alliance, etc.
• Develop and maintain cyber security policies, procedures, and standards-aligned to global standards.
• Perform risk assessments of the in-house products of InMobi and third-party vendor applications to identify current and future security risks.
• Evaluate emerging technologies for their adoption to strengthen InMobi’s defenses.
• Performs process-level walkthroughs, control testing, etc. for the identification and assessment of IT risks and controls.
• Effectively communicate key risks, findings, and recommendations for improvement with key stakeholders.
• Maintains risk register and develops IT Risk Management metrics and reports.
• Improve compliance with security standards and policies across third parties used in the enterprise.
• Monitor open third-party security issues and remediation actions associated with security control gaps to ensure timely closure.
• Responsible for conducting deep dives on IT security-related processes and systems.
• Executes information security awareness programs by regularly conducting workshops to educate employees about information security and best practices.

What is expected out of you?

• 3-6 years of experience in cyber security & risk management domain.
• Strong understanding of security governance, compliance and risk management principles.
• Strong understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy, and/or data security.
• Ability to work independently with little direction and/or supervision.
• Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization.
• Keen attention to detail with the ability to correct on the fly and work independently.
• Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker.
• Mindset to standardize & maximize automation in security & risk management space.
• High business acumen & ability to understand business objectives, technology stack and evolve security as a business enabler capability.
• Ability to operate, decide & evolve in ambiguous situations.
• Curiosity to learn & adopt emerging technologies.
• Holds vendor-neutral cyber security certifications (desirable).