Information Security | Governance Risk and Compliance, Audits , Workflow

We are directly work with Infosys.

Established in 1981, Infosys is a NYSE listed global consulting and IT services company with more than 198,000 employees. From a capital of US$ 250, we have grown to become a US$ 10.4 billion (LTM Q1 FY 18 revenues) company with a market capitalization of approximately US$ 34.50 billion.

In our journey of over 35 years, we have catalyzed some of the major changes that have led to India's emergence as the global destination for software services talent. We pioneered the Global Delivery Model and became the first IT Company from India to be listed on NASDAQ. Our employee stock options program created some of India's first salaried millionaires.

Read more about the defining moments in the history of Infosys.

Client: Infosys

Title: Information Security | Governance Risk and Compliance, Audits , Workflow

Location: Stamford, CT

Duration: 6 Months

Experience Need: Min 8+ yrs

Rate: $55/hr on c2c

Job Description:

· The Information Security Engineer is delivering a key service to an enterprise-level team of Information Security specialists.

· This person will ensure that our Information Security systems are designed, implemented and secured to appropriate operational standards thus maintaining and enhancing customer trust.

· This person will incorporate resiliency into our systems and application designs.

· Activities include: security application analysis against published operational standards; identification of gaps; proposed plans for remediation; work with management to document all of the above.

· The Information Security Engineer may perform additional technical functions related to Information Security and ensure compliance with RBS Global Information Security policy and best practices across all business units within RBS Securities, North America.

The primary responsibilities of the Senior Information Security Analyst position are:

· Assist in the ongoing engineering and operation of the Security Operations Center's Security Information and Event Management (SIEM) tool.

· Must be able to develop and implement SIEM use cases to identity and respond to malicious events in real-time.

· Also should work with SecOPs to reduce the false positive and suppress duplicate alerts.

· Respond to security incidents and generate targeted alerts for suspected areas.

· Assist in the creation of an end-to-end technology strategy for SIEM to address current and future security concerns, emerging threats, regulatory compliance and alignment with technology and the business.

· Keep us on the leading edge with respect to knowledge of security threats (including Web, mobile and desktop applications), vulnerabilities and controls, and assess their applicability to our business initiatives and business strategies

· Manage minor projects / tasks and provide regular reports on progress.

· Perform other duties, as assigned.

COMPETENCIES

· The ideal candidate will have knowledge and experience with the following operating systems: Windows, *nix (RHEL, centOS)

· Must have strong understanding of information systems security; network architecture; general database concepts; document management; hardware and software troubleshooting; electronic mail systems, Microsoft Office applications; intrusion tools; and computer forensic tools such as EnCase, Access Data, and FTK.

· The candidate must be able to conduct exams on compromised computers and servers.

· Proficiency in conducting live analysis on networks, and multiple platforms is desired.

· Must possess the ability to articulate in written and oral communication.

· An extensive interview will be conducted, and will cover a variety of topics, such as network architecture and information security, to computer forensic methods and best practices, as well as investigative techniques.

Technology Requirements:

· Bachelor’s Degree or equivalent experience in Information Technology

· 5+ years’ experience designing and implementing fault-tolerant applications, 3+ years’ experience in Information Security.

· Hands-on security experience is essential.

· Prior experience implementing: high availability applications utilizing SAN, clustering, virtualization.

· Familiarity with: bespoke applications built on an MS SQL back end.

· Experience with any of the following security tools (or equivalents) desired: Splunk ES, UBA, Carbon Black McAfee Vulnerability Management / Foundstone, Varonis, Netpro AD Auditing

· Business/Analytical Knowledge.

· Demonstrated experience of managing forensic cases and corporate incidents is a must.

· Previous experience in a Financial Services firm a plus.

· Industry certifications a plus (CISSP, CISA, CISM, CEH, CFE, CCFE).

BE or BTech

All your information will be kept confidential according to EEO guidelines.