Description
Knowledge and experience- 4-8 years of experience in information security with an emphasis on risk assessment and/or risk management
- End-to end implementation of ISO 27001 risk management framework
- Demonstrated ISO 27001 or other standard audit framework skillset in several information security domains - Mandatory
- Experience conducting successful information security risk assessments Mandatory requirement
- Experience conducting successful third party information security risk assessments Preferred
- Demonstrated understanding & functional knowledge of technical domains of risk assessments to include at a minimum: - Mandatory
- Network security
- Identity and Access Management (IAM)
- Asset security
- Operational security
- Cloud Security
- VM
- Experience with GRC tools (e.g. RSA Archer) Preferred
- Certifications such as ISO 27001 LA, CISSP and/or CRISC are preferred
Skillset
- Proficiency in Microsoft Office suite, including PowerPoint, Excel, Visio, Word
- Able to manage multiple projects simultaneously, with strong ability to prioritize multiple tasks and respond to emergencies, organize and schedule work effectively
- Bold, decisive manner but not overbearing; capability to interact with many new individuals in different contexts week-to-week
- Exceptional communication, collaboration, and advocacy skills, both verbal and written, with the ability to express complex and technical issues as understandable language to all levels of personnel within Sony, and with clients and other stakeholders
- Must work well with others in a globally and culturally diverse environment
- Excellent analytical and problem solving skills
Required Skills
- RISK ASSESSMENTS
- Third party Risk management
- ISO 27001
- Risk Management
- Cloud Risk Analyst
Department
SIE - Risk Management
Open Positions
1
Skills Required
Information Security Management, Risk Assessment, risk analysis
Role
Analyst will be responsible for conducting end to end information security risk assessments to identify, rank, document and ensure treatment of risks in a timely manner
Job Description
- Conduct risk assessments to identify, assess, rank, and monitor information security risks for Sony group third parties
- Conduct risk assessments to identify, assess, rank, and monitor information security risks to Sony group internal assets
- Ensure risk recommendations are made and have action plans documented in the enterprise risk management tool
- Have regular meetings with internal & external stakeholders to ensure risk recommendations are tracked, updated and eventually closed
- Keep Sony management updated on the status of risk assessments, treatment, and closure
- Advise and make recommendations regarding appropriate personnel, physical, and technical security controls required for mitigating identified security risks
- Act as an information security advisor to SIE business and technology groups
Location
Bengaluru
Education/Qualification
B-TECH or other relevant
Years Of Exp
4 to 6 years
Designation
Senior Risk Analyst
