Associate Cyber Security Engineer

Job Description:

Mandatory: ISO 27001 LA and implementor, CEH training/certification and Security knowledge

• 1 to 3 Years of experience in Cyber Security
• Experienced in ISO 27001, SOC 2 Type II and other regulatory requirements.
• Knowledge of the implementation of NIST framework and NIS 2 requirements
• Ensuring that customer specific data and asset security policies are implemented and followed successfully.
• Develop and implement business processes and policies related to controlling access to customer transactional data from Cloud and remote monitoring site.
• Experience in AWS standard security features like IAM, Guard duty, Security hub, etc.,
• Perform initial and periodic information Privacy and Security risk assessment/analysis, mitigation, and remediation with the business functions.
• Contribute for BCP planning and coordinate with the stakeholders for BCP testing
• Conduct regular audits to ensure compliance to the data security standards.
• Build, implement and monitor remedial procedures in case of any data security breach.
• Contribute to the security awareness campaigning via electronic, physical, and walk & talk sessions. 
• Monitor DLP (Data Leakage Prevention) in accordance with established processes and procedures
• Knowledge of Zscaler policy creation and monitoring
• Monitor security events and threats. 
• Perform vulnerability testing, risk analysis and security assessments.
• Handle InfoSec tickets for privileged access management, security exceptions etc.
• Perform periodic review of security controls in AWS and our data centers
• Implementation of new security tools and technologies
• Perform vulnerability scans/assessments for applications and infrastructure
• Knowledge of threat model and perform risk assessment