This role is responsible to manage information risk, to ensure compliance of Security Standards practised by the services/organization and to provide security support on application, projects and to prevent the unintentional, unlawful, or unauthorized disclosure, alteration, or destruction of IT resources.
Your future duties and responsibilities:. Responsible to manage operational IT Security for a high availability financial service and work on the reporting & improvement as well as facilitate in audits and trainings.
. To drive Analysis & handling of security vulnerabilities & incidents.
. Establish, maintain and review compliance with Operational Security processes and procedures periodically and to ensure these are met and monitored.
. Establish, maintain and review strict access control to information and IT systems according to business needs and access policies.
. Perform Access Management activities (grant, change and revoke access privileges).
. Establish and maintain an environment that complies with the Payment Card Industry Standards & Requirements, the Information Security Management Framework and other applicable security standards and Baselines.
. Monitor and manage security controls (system settings, logs, alerts, audit trails, attempts, violations, faulty logons, lockouts, etc.)
. To work closely with clients/ application/ infrastructure owners in applying and implementing the new security changes/solutions (e.g, protection concept, security specifications, architecture and design, security assessment).
. Exposure and to work on Security Operation Center (SOC) Tools, maintenance and operations support.
Preferred Skills
• Knowledge/ Exposure on Baseline controls a.k.a environmental controls, application generic control, Third Party Access controls and Legal and Regulatory controls
• Understanding and exposure working with External auditors on ISAE 3402, PCI-DSS compliance and other mandatory standards, health and safety, ISO/IEC 27001:2005, 27002:2005 and 27005:2008
• Maintaining mandatory standards, health and safety, ISO/IEC 27001:2005, 27002:2005 and 27005:2008
• Self-starter who can work autonomously and independently and willing to learn and explore compliance and IT security.
• Good written and verbal communications, and ability to productively interact across internal/external stakeholders, auditors and functions.
• Broad understanding of security technology, IT security Standards and compliance.
QUALIFICATIONS:
• You have a university degree, followed by depth experience in the field of Governance or Compliance with focus on IT security.
• Overall 8-10 years working experience in IT industry with at least 5 years’ experience in IT Security & Compliance.
• Self-motivated and able to work independently as well as a team player.
• Good to have:
- Cards and Payment domain knowledge, Exposure or understanding on PCI DSS, PCI PA-DSS, Security Industry standards, IT Security and Assurance, TIA Knowledge/ practice, Infrastructure Security Knowledge/ Practice, Multiple OS and AD Knowledge practice and SIEM Knowledge / Practice.
- Experience in an IT operations-related field such as IT Security, IT Admin, Disaster Recovery or Maintenance of SOC tools.
Together, as owners, let’s turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team—one of the largest IT and business consulting services firms in the world.