HCL Technologies Limited Hiring For SENIOR SPECIALIST at Hyderabad / SecunderabadTelangana

Job Description (Posting)

Senior Information Security Analyst

About Wells Fargo India

Wells Fargo India enables global talent capabilities for Wells Fargo Bank NA., by supporting business lines and staff functions across Technology, Operations, Risk, Audit, Process Excellence, Automation, and Product, Analytics, and Modeling. We are operating in Hyderabad, Bengaluru, and Chennai locations.

Department Overview:
Wells Fargo views information security as enabling lines of business to mitigate information security risk in accordance with our risk appetite. Through a framework that addresses policy, process, operations, people, and technology, ICS protects our infrastructure, company data, and customer assets while ensuring alignment with applicable regulations and laws.

About the Role
Wells Fargo is seeking a Senior Analyst (Individual Contributor) in the area of Information and Cyber Security for the Third Party Information Security Evaluations team. The role activities include assessing, testing, monitoring, and reporting on the adequacy, efficiency, and effectiveness of information security-related controls for third parties.

Key Responsibilities

1. Work and collaborate with third-party service providers to assess information security risk in IT infrastructures, applications, and information security programs of varying sizes and complexities.
2. Execute remote security assessments via questionnaires, as needed, and complete associated reports and security plans.
3. Review/analyze third-party attestation and certification artifacts (SOC2, SIG, PCI DSS, etc.) shared by third parties to identify the information security risks.
4. Document assessment results and write assessment report(s) for key stakeholders in conjunction with the Wells Fargo Information Security Risk Assessment Program.
5. Provide subject matter expertise in the Third Party information security program and provide timely solutions to identified problems.
6. Work independently as the Third Party Assessment lead. Collaborate with the senior leader – Third Party Assessment management US and internal stakeholders.
7. Analyze the data related to information security findings and present meaningful views to relevant stakeholders on the trends and patterns of control gaps.

Required Qualifications

1. 10+ years of experience working in Information Security Governance Risk and Compliance.
2. 4+ years of experience working in Third Party Information Security Assessment or Cyber Security Assessments.
3. Bachelor's and/or Master’s degree in Computer Science or Information Systems.
4. Knowledge of security frameworks and regulations such as ISO 27001/27002, PCI DSS, COBIT, NIST, GLBA, GDPR.
5. One or more professional certifications like CISA or CISSP.
6. Exposure in Conducting Onsite or Remote Third Party Information Security risk evaluations.
7. Superior attention to detail with excellent written and verbal communication skills.
8. Expertise in writing technical reports.
9. Demonstrated critical thinking and analytical skills.
10. Demonstrated experience in developing and presenting operational metrics.
11. Strong understanding of information security domains and possesses a well-rounded technical background. Knowledge of operational risk, IT processes, and systems.
12. Comfortable with making and presenting recommendations to a wide audience of stakeholders.
13. Stay informed and educated on current and potential security threats and attacks.
14. Ability to work with complex teams and have global experience, specifically with US banks.

Desired Qualifications

1. Demonstrated experience in stakeholder management.
2. Demonstrated experience of conflict resolution, negotiation, and problem identification and solving skills.
3. Demonstrated experience in managing complex projects related to information security.

Qualification
B-Tech

Skill (Primary)
Information Security - Security Assessments - Cyber Security Assessments