The Job logo

What

Where

Security Compliance Associate

ApplyJoin for More Updates

You must Sign In before continuing to the company website to apply.

Smart SummaryPowered by Roshi
As a Security Compliance Associate at ECI, you will assess client security infrastructures, manage phishing campaigns, identify security weaknesses, update policies, and assist with audits. This on-site role requires working Monday to Friday, 5 pm to 2 am IST.

Description

 

ECI is the leading global provider of managed services, cybersecurity, and business transformation for mid-market financial services organizations across the globe.  From its unmatched range of services, ECI provides stability, security and improved business performance, freeing clients from technology concerns and enabling them to focus on running their businesses.  More than 1,000 customers worldwide with over $3 trillion of assets under management put their trust in ECI. 

 

At ECI, we believe success is driven by passion and purpose. Our passion for technology is only surpassed by our commitment to empowering our employees around the world

 

The Opportunity: 

As a Security Compliance Associate you will have the opportunity to work with cutting edge technology and industry leaders in the financial space. Your role will be responsible for phishing and training, conducting security audits/assessments, reviewing policies and client documentation, conducting vendor risk management, and presenting recommendations to client leadership teams, and acting as a security centric technical leader amongst your peers. You will be a part of a strong international team that supports clients across the globe. You will be familiar with the most important security frameworks and have a strong ability to tie risk to the organization based on their operations. In this role, you can’t be afraid to get your hands dirty and help the leadership team build an ever-evolving program. 

This is an Onsite role, Working days are Monday – Friday, 5pm IST to 2am IST.

What you will do:

  • Assess client security infrastructures and document information security policies, processes, and technical controls.
  • Manage client phishing campaigns and employee training.
  • Identify information security weaknesses and gaps by conducting client security assessments, risk assessment, and vendor due diligence through interviews, questionnaires, documentation reviews, and technical assessments.
  • Describe and communicate security findings, potential business risks, present remediation recommendations, and estimate costs and effort levels for remediation to the clients' leadership teams and board members.
  • Update client policies based on industry standards, best practices, and regulatory requirements such as SEC, FTSE, ISO27001, NIST, GDPR etc. as necessary.
  • Collect and organize evidence from all client assessments and ECI’s System Service Desk and Network Service Desk.
  • Conduct simulated phishing exercises, awareness training, and incident response tabletop exercises for the client.
  • Assist clients with security aspects during their internal and external audits.
  • Address clients' ad hoc security-related queries and provide resolutions.

 

Who you are:

  • Minimum of 1 year of experience in a security/IT role that is constantly evolving.
  • Exceptional written and verbal communication skills, with the ability to present to client leadership teams and executives.
  • Strong familiarity with IT compliance frameworks, including NIST 800-171 and ISO 27001.
  • Technical background and experience/understanding with different IT systems, including but not limited to Microsoft, Defender, Sentinel One.
  • Strong understanding of security best practices and controls, including but not limited to MFA, Conditional Access, Least Privilege, Defense in Depth, etc.
  • Constantly aware of evolving industry threats and real-world events that impact client security.
  • Strong interpersonal skills to deal with a diverse set of clients and colleagues.
  • Willingness to work swing shift between India and US EST time.

 

Bonus points if you have: 

  • Bachelor’s or Graduate degree in computer science and management
  • Experience conducting security audits/assessments is an added advantage.

 

Set alert for similar jobsSecurity Compliance Associate role in Bengaluru, India, Hyderabad, India, or Indore, India
ECI Logo

Company

ECI

Job Posted

10 months ago

Job Type

Full-time

WorkMode

On-site

Experience Level

0-2 Years

Category

Software Development

Locations

Bengaluru, Karnataka, India

Hyderabad, Telangana, India

Indore, Madhya Pradesh, India

Qualification

Bachelor

Applicants

11 applicants

Related Jobs

ECI Logo

Senior Systems Monitoring Engineer

ECI

Bengaluru, Karnataka, India

+2 more

Posted: 10 months ago

Description   ECI is the leading global provider of managed services, cybersecurity, and business transformation for mid-market financial services organizations across the globe. From its unmatched range of services, ECI provides stability, security and improved business performance, freeing clients from technology concerns and enabling them to focus on running their businesses. More than 1,000 customers worldwide with over $3 trillion of assets under management put their trust in ECI. At ECI, we believe success is driven by passion and purpose. Our passion for technology is only surpassed by  our commitment to empowering our employees around the world .  The Opportunity:  ECI has an exciting opportunity for a  Senior Systems Monitoring Engineer,  who will proactively monitor and manage production systems. In this role, you will monitor alerts related to the infrastructure and application. This is an Onsite role. What you will do: Proactive monitoring and management of production systems. Monitor alerts related to the infrastructure and application. Identify, capture, evaluate and report metrics and determine trending to drive process and product change. Assist peer engineers during alert / alarm remediation. Provide analysis and feedback of system operations, performance, and stability to shift lead / supervisor. Monitor adherence to guidelines on processing, alerting, maintenance and security. Help management in establishing KPI’s, monitor thresholds, communicate metrics, and identify areas for review and improvement. Perform service restarts and disk expansions in Windows environment. Analyze the alert and gauge the incident priority accordingly. Analyze hardware and infrastructure to determine how it relates to the application performance. Willing to work in a 9 hour shift job with minimum supervision. Hands on experience required on Service-Now, Remedy etc. tools. (ITIL framework preferred). Participate in 24/7 on-call support for the collaboration technology environment (P1, Major Incident Management). IT best practices for Major Incident Management including detection, triaging, assessment, troubleshooting and restoration (Major Incident management). Follow-up with the respective engineering (SME’s) and Technology managers for ensuring root cause analyst (RCA) and E-RFC and RFC (Planned v/s Emergency Change requests). Mentors new hire and should be willing to work as a shift lead when required. Who you are: College diploma or University degree in the field of Computer Science or equivalent field and/or 5+ years of experience with a minimum of 3 years of end user support. 2+ years of L1 Monitoring experience, along with Azure and Exchange experience. Experience in working on high availability and real time monitoring solutions (CA Spectrum, Nimsoft or other monitoring specific applications) Understanding of network / servers and Virtual Machine performance issues. Knowledge of Microsoft, Cisco, Citrix, Vmware systems / servers are a plus. Strong proven skills in ITIL framework (Especially, Incident, Problem and Change management) Bonus points if you have: Demonstrated ability to work in a team environment that requires quick turnaround and quality output. Strong analytical, problem-solving and troubleshooting skills Excellent communication skills with the ability to speak on varying technical levels