The Job logo

What

Where

Senior Cyber Risk Analyst- Governance, Risk & Compliance (GRC)

ApplyJoin for More Updates

You must Sign In before continuing to the company website to apply.

Description

This position works as part of the Governance, Risk and Compliance (GRC) department, which is responsible for management of cyber risk across the enterprise.  The role offers the opportunity to be engaged in all facets of cyber risk including security, privacy, risk management, as well as security and compliance program development.  As a member of the department, the individual will be committed to overall data protection, risk management and its role in the company's continued success.  This position serves as an internal risk consultant and will be the subject matter expert responsible for designing, implementing, and supporting a security control framework for a multi-tenant software-as-a-service product. Primary responsibilities include assisting with audits of SSAE18 SOC 1, SOC 2, and ISO compliance exams and monitoring control activities in certified environments. This position demands an organized, detail-oriented team player with the ability to prioritize daily work and support multiple initiatives simultaneously; strong communication and customer focus is required.

RESPONSIBILITIES
• Contribute risk and compliance expertise and support to assist in the achievement of cloud audit/compliance programs.
• Support customer hosted cloud environments to ensure control activities are designed and implemented appropriately to protect the security, confidentiality, privacy, integrity, and availability of data in compliance with organization policies and standards.
• Perform continuous monitoring activities to confirm the control environment is operating effectively and escalate identified deviations.
• Participate in risk assessments in SSAE18 SOC 1, SOC 2, ISO environments and collect evidence in support of audits.
• Assist external auditors conducting annual compliance audits by reviewing all evidence to confirm it satisfies the items included in the document request list.
• Utilize industry experience and knowledge to provide expertise and support to ensure company’s security framework remains in compliance with applicable regulations including evolving data privacy regulations.
• Support the development, implementation, and updating of security policies and procedures.
• Facilitate the exception and exemption processes for vulnerability management and hardening management programs.
• Perform additional duties and projects as assigned by management.

Qualifications

B Tech /MCA, Any Graduate

Set alert for similar jobsSenior Cyber Risk Analyst- Governance, Risk & Compliance (GRC) role in Noida, India
UKG Logo

Company

UKG

Job Posted

a year ago

Job Type

Full-time

WorkMode

On-site

Experience Level

3-7 years

Category

Operations

Locations

Noida, Uttar Pradesh, India

Qualification

Bachelor or Master

Applicants

Be an early applicant

Related Jobs

UKG Logo

Senior Security Analyst (Global SOC, Security Operations, Forensic Analysis)

UKG

Noida, Uttar Pradesh, India

Posted: a year ago

Description As a Senior Security Analyst, you will be part of the Security Operations Center team working with events and incidents as they come in. You will be monitoring infiltration attempts, analyzing logs, looking for patterns to ensure infiltration attempts are identified and dealt with in a timely manner. You will identify attack patterns and how to defend against them, and continuously evolve the team to be more efficient through the creation of tools. build our detection and response, and incident response capabilities, provide subject matter expertise in data analysis and risk assessments and respond to security incidents. Security Analysts are involved with highly technical operations and forensic analysis. You will be part of our global security operations center that follows a follow-the-sun structure, working to ensure continuous monitoring, detection and response to security events affecting UKG and our customers. You will work closely with our security operations centers in Fort Lauderdale, Singapore, and Paris. Job Location: Noida Shift Schedule: The ideal candidate will begin working a day shift from 0900-1800, either from 'Sunday to Thursday' or 'Tuesday to Saturday'. Analysts on each shift will eventually be required to rotate for a 30-day period onto a night shift (2330-0830 IST) for their required weekdays, with premium night pay as appropriate. We are looking for someone who is ready to work in Night Shift and open for 24X7 operations. Due to the nature of the work, you are required to have on-call duties on weekends. Primary/Essential Duties and Key Responsibilities: Detect, report, assess, and respond to information security incidents. Develop and maintain detection content to detect nefarious activities within the enterprise Build metrics on efficiency, effectiveness, and coverage, and demonstrate proof of value Continuously improve processes through automation and tools creation Isolate and remove malware. Maintain active investigations of security events escalated to and within the Security Operations Center Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems. Mentors, coaches and trains Security Analysts and Security Analysts IIs and serves as the point person for escalation issues that may arise Provide 24/7 monitoring Qualifications Basic Qualifications: Bachelor's degree in computer science or a related discipline Working professional with 6+ years of relevant Security/SOC experience Experience with tools such as Splunk, Elastic Search, EDR solutions. Preferred Qualifications: Knowledge of the common attack vectors on the network layer, different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks). Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored) and cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). Excellent verbal and written communication skills.

UKG Logo

Security Analyst II (Global SOC, Security Operations, Forensic Analysis)

UKG

Noida, Uttar Pradesh, India

Posted: a year ago

Description As a Security Analyst II, you will be part of the Security Operations Center team working with events and incidents as they come in. You will be monitoring infiltration attempts, analyzing logs, looking for patterns to ensure infiltration attempts are identified and dealt with in a timely manner. You will identify attack patterns and how to defend against them, and continuously evolve the team to be more efficient through the creation of tools. build our detection and response, and incident response capabilities, provide subject matter expertise in data analysis and risk assessments and respond to security incidents. Security Analysts are involved with highly technical operations and forensic analysis. You will be part of our global security operations center that follows a follow-the-sun structure, working to ensure continuous monitoring, detection and response to security events affecting UKG and our customers. You will work closely with our security operations centers in Fort Lauderdale, Singapore, and Paris. Job Location: Noida Shift Schedule: The ideal candidate will begin working a day shift from 0900-1800, either from 'Sunday to Thursday' or 'Tuesday to Saturday'. Analysts on each shift will eventually be required to rotate for a 30-day period onto a night shift (2330-0830 IST) for their required weekdays, with premium night pay as appropriate. Due to the nature of the work, you are required to have on-call duties on weekends. Primary/Essential Duties and Key Responsibilities: • Detect, report, assess, and respond to information security incidents. • Develop and maintain detection content to detect nefarious activities within the enterprise • Build metrics on efficiency, effectiveness, and coverage, and demonstrate proof of value • Continuously improve processes through automation and tools creation • Isolate and remove malware. • Maintain active investigations of security events escalated to and within the Security Operations Center • Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems. • Mentors, coaches and trains Security Analysts and Security Analysts IIs and serves as the point person for escalation issues that may arise • Provide 24/7 monitoring Qualifications Basic Qualifications: • Bachelor's degree in computer science or a related discipline • Working professional with 3-5 years of relevant Security/SOC experience • Experience with tools such as Splunk, Elastic Search, EDR solutions. Preferred Qualifications: • Knowledge of the common attack vectors on the network layer, different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks). Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored) and cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). • Excellent verbal and written communication skills.

UKG Logo

Lead Devops Engineer

UKG

Noida, Uttar Pradesh, India

Posted: a year ago

Description At UKG, we see DevOps as a methodology that unites operations and development to automate everything. Our team advocates for facilitating and building a DevOps culture and infrastructure.  This Senior DevOps Engineer will be responsible for all aspects of the code deployment pipeline from SCM check-in through production deployment  • Must have solid foundation in CI/CD concepts and are well-versed in the pipeline to push changes to production.  • Responsible for building and supporting deployment automation of various Java-based microservices which is repeatable, efficient, and cost-effective.  • Responsible for analyzing all deployment/infrastructure-related issues across Engineering / Production environments and providing swift resolution.  • Participates in building efficient automation solutions that are resilient, fault-tolerant, and upgraded with no downtime.  • Participates in code and design reviews to ensure quality and conformance to product standards.  • Possess a keen eye to detail as well as excellent debugging / troubleshooting skills. Qualifications • Bachelor’s degree in Engineering / Computer Science or equivalent experience with 5-8 years experience in DevOps  • Strong experience working with Terraform, Ansible and Public Cloud platforms such as GCP or AWS  • Well versed with containerization techniques such as Docker/Kubernetes and good exposure in developing Terraform / Helm scripts  • Good working knowledge with Linux CentOS / Ubuntu and ability to code in multiple languages (Shell Scripting / Python / Ruby)  • Strong experience working with continuous integration and continuous delivery  • Strong drive to automate everything as well as Self-motivated with continuous improvement mindset and willingness to get the job done  • Ability to manage and balance multiple deliverables concurrently in an environment with shifting priorities