Job Description

:Our client is IT MNC part of one of the major insurance groups based out of Germany and Europe. The Group is represented in around 30 countries worldwide, with Over 40,000 people worldwide, focusing mainly on Europe and Asia. Our client offers a comprehensive range of insurances, pensions, investments and services by focusing on all cutting edge technologies majorly on Could, Digital, Robotics Automation, IoT, Voice Recognition, Big Data science, advanced mobile solutions and much more to accommodate the customers future needs around the globe thru supporting millions of internal and external customers with state of-the-art IT solutions to everyday problems & dedicated to bringing digital innovations to every aspect of the landscape of insurance.RequirementsKey Responsibilities::xc2xb7 Business-Cybersecurity Alignment:o Work closely with business stakeholders, IT security teams, and cross-functional teams to ensure cybersecurity initiatives align with the organizations broader business goals.o Translate business needs into technical security requirements that can be effectively executed by the security and IT teams.xc2xb7 Requirements Gathering & Documentation:o Collect and document detailed business requirements for cybersecurity projects and initiatives, ensuring security requirements are clearly articulated for technical implementation.o Prepare clear, concise documentation such as functional requirements, risk assessments, security processes, and workflows for new security programs and enhancements.xc2xb7 Risk Analysis & Security Assessments:o Conduct risk assessments in the context of hybrid IT environments (cloud, on-premises, and edge) to identify security gaps and vulnerabilities.o Collaborate with security teams to evaluate existing security controls and recommend solutions to mitigate identified risks, balancing business needs with security requirements.xc2xb7 Cybersecurity Frameworks & Compliance:o Ensure that all business and technical security requirements comply with relevant regulatory compliance frameworks (e.g., NIST CSF, ISO 27001, GDPR, HIPAA).o Support audits and compliance assessments, identifying any gaps between current practices and regulatory standards. (must have)xc2xb7 Security Process Improvement:o Identify opportunities for process improvements within the cybersecurity function, including streamlining security incident response, access management processes, and threat detection workflows.o Develop business cases for proposed security improvements, including cost-benefit analyses and risk assessments.xc2xb7 The Business Analyst will have comprehensive responsibilities spanning multiple cybersecurity domains, and should have expertise in at least 5 of the following areaso SIEM Sentinel & Security Operations:xc2xa7 Manage and optimize SIEM solutions, particularly Sentinel, for effective monitoring, incident detection, and security event correlation across hybrid environments.xc2xa7 Collaborate with security operations teams to ensure proper configuration, tuning, and reporting within SIEM platforms to support proactive threat management.o Security Tools & Technology Integration:xc2xa7 Work with security teams to implement and optimize security tools such as SIEM (e.g., Splunk, Microsoft Sentinel), EDR (e.g., CrowdStrike, MS Purview/Defender), SOAR platforms, CASB (Cloud Access Security Broker), and Threat Intelligence systems.xc2xa7 Help define and document requirements for the integration of cybersecurity tools into the broader security ecosystem.o User Access Management (UAM) & RBAC:xc2xa7 Work closely with identity and access management teams to ensure the implementation of UAM and RBACsystems that align with the organization's security policy and business requirements.xc2xa7 Support the development of processes for managing user roles, privileges, and access rights across enterprise systems.o Cloud & Encryption Security:xc2xa7 Ensure that security policies and controls are applied across both on-premises and cloud environments(AWS, Azure, Google Cloud), addressing challenges related to cloud security, data encryption, and access management.xc2xa7 Collaborate with technical teams to implement strong encryption methods for data-in-transit, data-at-rest, and data-in-use in line with organizational security policies.o AI & ML in Cybersecurity: (Good to have)xc2xa7 Contribute to the use of AI/ML technologies to enhance threat detection, anomaly identification, and predictive analytics within the organizations security operations.xc2xa7 Collaborate with data scientists and security teams to define requirements for AI/ML-based security models and incident response automation.o SOAR Integration & Incident Response:xc2xa7 Assist with the integration of Security Orchestration, Automation, and Response (SOAR) solutions into the incident response lifecycle to streamline response times and automate repetitive tasks.xc2xa7 Support the continuous improvement of incident response procedures and playbooks, ensuring a consistent, rapid, and efficient approach to security incidents.xc2xb7 Stakeholder Communication & Reporting:o Regularly communicate project status, risks, and mitigation plans to senior leadership, business stakeholders, and technical teams.o Translate complex technical concepts and security strategies into business-friendly language for non-technical stakeholders, ensuring full understanding of key security issues.xc2xb7 Training & Awareness:o Help develop training materials, security guidelines, and awareness programs to ensure that staff are educated on security best practices and compliance requirements.o Facilitate knowledge transfer sessions with technical teams to ensure the effective implementation of new security initiatives.Benefitsxc2xb7 Any Certificationsxe2x80x8bJob Location: Hiranandani Gardens, Powai, MumbaiMode: Work from Office

2COMS