Security - VP - Security Consultant
Gurugram, India | Leading Financial Services Company
Functions:IT / Information Technology
Consulting - IT
Job Description:53 people have viewed this job
Technology Security, part of COG Technology, defends Leading Financial Services Company's information.The team ensures all information is adequately protected from inappropriate disclosure, that integrity is maintained and information is available when required.
We are looking to recruit an experienced Senior Technical Security Consultant who will be part of the global Security Consulting team and report to the Head of Security Consulting based in Sydney, Australia. The Consulting team operates as a recoverable business model.
The role will require the successful applicant to deliver company-wide technical security risk assessment and consulting services across business groups, manage the pipeline of work from their client base, operate within a global team, report issues and recommendations for management follow up, and manage client relationships.
Deliver authoritative, practical and responsive consulting services on all aspects of enterprise information security risks to COG Technology.
Provide security design services helping project teams build their solution to meet security best practices
Provide security consulting services to projects throughout their lifecycles, to help ensure the application and infrastructure solutions being deployed meet appropriate and adequate security standards.
Identify and assess key IT security risks and recommend appropriate and practical treatment plans.
Build and maintain productive, collaborative relationships with stakeholders in COG Technology and the business.
Determine security design issues and drive attack surface analysis and most "at-risk" components.
Detailed knowledge of technical security concepts and their practical application. This knowledge is required across the application, operating system and network layers.
Experience in technical security design and/or risk assessment – across enterprise infrastructure, web technology and applications platforms. Note: this is specific technology, rather a technical information security based role.
Understanding of current and emerging security technologies, security threats and trends.
Experience working within DevOps structured teams (including continuous integration and delivery).
Experience with security across multiple cloud / virtualization environments: AWS, Azure, Google cloud VMWare etc.
Proven experience with threat modelling and risk analysis.
Technology savvy, with exceptional communication skills, both written and verbal.
Logical thought mindset and experience developing reusable processes / data architecture.
Knowledge of security architecture – across enterprise infrastructure, web technology and applications platforms.
The following characteristics are considered essential for the role
Strong and self-confident, adaptable and flexible – capable dealing effectively with colleagues and business users in a constantly evolving environment.
Ability to gather written and verbal information from multiple sources, assess and consolidate risks, provide appropriate recommendations.
Ability to handle multiple tasks ,prioritise effectively, remain calm under pressure and when faced with adversity or urgent issues
Comfortable working as part of global team across geographies, cultures and time-zones.
Focused on business enablement whilst being able to reach balanced judgements vs. security.
Enthusiastic and creative, an inquisitive nature with an attention to detail, yet able to think outside the box and consider the big picture.
Ability to influence and educate stakeholders and management regarding appropriate security and IT risk management.
Minimum required experience
Significant experience in technical security risk assessment in a consulting capacity.
Proven ability to deliver end to end Information security / risk assessment services.
Excellent analytical and problem-solving skills.
Financial services experience preferred.
University degree in computer science or engineering, or equivalent.
Technical security certifications including platform/infrastructure-specific certifications, e.g. CISSP, GIAC, CCNA.
Risk management certifications (preferred, not mandatory), e.g. PCI-DSS, CISA, CISM, SABSA.