Job Description

Let\'s be #BrilliantTogether Institutional Shareholder Services is growing! ISS seeks a Information Security Analyst to join our team in Mumbai, India. Position Overview This role shall be responsible for supporting the information security agenda for ISS, with a primary focus on physical security and cybersecurity along with a secondary focus of local business continuity coordination. As part of the Information Security Office, this role will work closely with technology functions to identify areas of greatest risk and supporting initiatives to keep the information security and technology risk profile within appetite. This role includes responsibilities for interacting with internal customers at ISS and with internal and external audit functions responsible for managing compliance testing of control requirements. Responsibilities Gain/leverage familiarization with, and perform administration for, ISS\' Security Tools and Technologies from McAfee and Cisco: ePO Anti-Malware solution Intrusion Prevention Systems - Network-based Intrusion Prevention Systems - Host-based Web Gateway and URL Filtering Email Gateway Endpoint Protection Suite Security Information and Event Manager Reporting and Metrics Operational Activities Administer SPAM protection utilities contained within the Email Gateway; configure sender and domain blacklists, maintain tracking for all reported emails. Administer Web Gateway (URL Filtering); manage whitelist modifications, reporting and metrics. Coordinate and perform reporting and monitoring functions on the Security Information and Event Manager (SIEM) in place within the ISS enterprise. Create security baselines for workstation, desktops, network devices and database technologies. Audit assets for adherence with the documented baselines. Monitor security vulnerability repositories and relevant security news websites for relevant bugs and news items. Coordinate appropriate updates to the local business continuity plan from a business and technology perspective. Administration, monitoring and management of the firm\'s Physical Security Infrastructure: Program and configure hardware objects, alerts, reports, personnel, templates, etc., using the firm\'s CCure Physical Access Control Servers. Manage overall server health and operational effectiveness. Audit badge access and operator activities; generate reports as required. Respond to escalations from badge system administrators regarding clearance issues. Perform quarterly physical access audits for local and remote offices. (No travel required.) Monitor physical security alerts; responding and escalating as appropriate. Monitor CCTV alerts; responding and escalating as appropriate. Other appropriate duties as assigned to drive forward progress for the firm. Qualification 3-5 years of Physical Security and/or Cybersecurity experience 2-5 years of experience with Cisco & McAfee security tools is preferred. 3-6 years of experience with establishing and monitoring information security controls ISO 27001 experience is preferred Certification(s) such as Security+ preferred Bachelor\'s in IT or relevant IT degree Have a high-level of risk intelligence and security awareness Have strong analytical, organizational, and decision-making skills Have strong verbal and written communication skills. Must be able to interface and coordinate work efficiently and effectively with ISS personnel in locations around the globe. Strong administrative skills, with effectiveness in developing tasks and managing time and resources to achieve target dates. Be able to balance hands-on skills with consultancy skills. Must be a productive team player. Strong computer skills (Microsoft Word, Excel, PowerPoint, Outlook, etc.) Off-hour/on-call support may be required. Occasionally may be required to shift work hours to align with the US business day. \'We offer a hybrid work schedule of 3 days in office and 2 days work from home.\' #ASSOCIATE #INFOSEC What You Can Expect From Us Our people are the moving force behind ISS. We are dedicated to hiring the best, most talented people in our industry and empowering them with the resources and support to enhance their career, health, financial and personal well-being. We are committed to fostering, cultivating, and preserving a culture of diversity and inclusion. We are invested in our people and are working every day to ensure a diverse, equitable, and inclusive workplace. Let\'s empower, collaborate, and inspire one another. Let\'s be #BrilliantTogether . About ISS ISS empowers investors and companies to build for long-term and sustainable growth by providing high-quality data, analytics, and insight. We are committed to positively impacting the environment and society through our market-leading solutions and leading by example. Specifically, the ISS ESG solutions enable investors to develop and integrate responsible investing policies and practices, engage on responsible investment issues, and monitor portfolio company practices through screening solutions. It provides climate data, analytics, and advisory services to help financial market participants understand, measure, and act on climate-related risks across all asset classes. In addition, ISS ESG solutions cover corporate and country ESG research and ratings, enabling its clients to identify material social and environmental risks and opportunities. Visit our website: https://www.issgovernance.com View additional open roles: https://www.issgovernance.com/join-the-iss-team/ Institutional Shareholder Services (\'ISS\') is committed to fostering, cultivating, and preserving a culture of diversity and inclusion. It is our policy to prohibit discrimination or harassment against any applicant or employee on the basis of race, color, ethnicity, creed, religion, sex, age, height, weight, citizenship status, national origin, social origin, sexual orientation, gender identity or gender expression, pregnancy status, marital status, familial status, mental or physical disability, veteran status, military service or status, genetic information, or any other characteristic protected by law (referred to as \'protected status\'). All activities including, but not limited to, recruiting and hiring, recruitment advertising, promotions, performance appraisals, training, job assignments, compensation, demotions, transfers, terminations (including layoffs), benefits, and other terms, conditions, and privileges of employment, are and will be administered on a non-discriminatory basis, consistent with all applicable federal, state, and local requirements.

foundit