Information Security Engineer

 Member of Information Security Group
 Shall work with analyst and manager to support various cyber security activities

 Be a reviewer for implementation of the information security control framework by working with all relevant stakeholders
 Conduct and draft information security risk assessment
 Conduct ISG driven internal SPOT checks
 Help and support implementation of all the contractual requirements within the engagement
 Handle various standard, regulatory and compliance requirements such as ISO27001, SSAE16, PCI DSS, HIPAA etc.
 Respond to RFPs and RFIs, review agreements for prospects or clients
 Analyze data generated during ongoing information processing activities to generate metrics that indicate the level of risk
 Conduct awareness sessions within Infosys
 Verify compliance to contractual requirements within the engagement
 Support ISG managers during client audits at different locations

 The candidate shall have at least 2-4 years’ experience in Information Security Governance, risk and compliance management with strong data and network security concepts. The candidate shall have good experience in the areas of Risk Management, Governance, Compliance, Security policy and Metrics.
 The candidate should possess good technical, analytical, troubleshooting and problem solving skills. He shall have excellent communication and collaboration skills.
 The candidate shall possess good understanding of ISO 27001:2013, SSAE 16 SOC 1 & SOC 2, PCI DSS, HIPAA & other industry recommended standards and regulations.
 The candidate shall have strong technical understanding of Information Security

 Engineering Graduate or equivalent with 2 to 4 years of experience/ Post Graduate with 2 years of experience
 The candidate shall hold certifications ISO 27001 Lead Auditor\Lead implementer

Education: Bachelor of Engineering

Preferred skills: Domain->Infrastructure-Information Security Management->ISO 27001 Audit,Implementation