Institutional Shareholder Services, Inc.

  • Information Security Analyst-Mumbai

    Job Locations IN-MH-Mumbai
    Job ID
    2018-1603
    Category
    Information Technology
  • Overview

    Institutional Shareholder Services Inc. (ISS) is the world’s leading provider of corporate governance
    solutions for asset owners, hedge funds, and asset service providers. ISS’ solutions include objective
    governance research and recommendations, end-to-end proxy voting and distribution solutions, turnkey
    securities class-actions claims management, and reliable global data and modeling tools.
    Institutional clients turn to ISS to apply their corporate governance views, identify governance risk, and
    manage their complete proxy voting needs on a global basis.

     

    This role shall be responsible for supporting the information security agenda for ISS, with a primary
    focus on physical security and cybersecurity along with a secondary focus of local business continuity
    coordination. As part of the Information Security Office, this role will work closely with technology
    functions to identify areas of greatest risk and supporting initiatives to keep the information security
    and technology risk profile within appetite.
    This role includes responsibilities for interacting internal customers at ISS and with internal and external
    audit functions responsible for managing compliance testing of control requirements.
    This role will report up through the Chief Information Security Officer who is based in the United States.

    Responsibilities

    Gain/leverage familiarization with, and perform administration for, ISS’ Security Tools and
    Technologies from McAfee:
    o ePO
    o Anti-Malware solution
    o Intrusion Prevention Systems – Network-based
    o Intrusion Prevention Systems – Host-based
    o Web Gateway (and URL Filtering)
    o Email Gateway
    o Endpoint Protection Suite
    o Security Information and Event Manager (SIEM)
    o Reporting and Metrics


    • Operational Activities
    o Administer SPAM protection utilities contained within the Email Gateway; configure sender
    and domain blacklists, maintain tracking for all reported emails.
    o Administer Web Gateway (URL Filtering); manage whitelist modifications, reporting and
    metrics.
    o Coordinate and perform reporting and monitoring functions on the Security Information and
    Event Manager (SIEM) in place within the ISS enterprise.
    o Create security baselines for workstation, desktops, network devices and database
    technologies. Audit assets for adherence with the documented baselines.
    o Monitor security vulnerability repositories and relevant security news websites for relevant
    bugs and news items.
    o Coordinate appropriate updates to the local business continuity plan from a business and
    technology perspective.


    • Administration, monitoring and management of the firm’s Physical Security Infrastructure:
    o Program and configure hardware objects, alerts, reports, personnel, templates, etc., using
    the firm’s CCure Physical Access Control Servers.
    o Manage overall server health and operational effectiveness.
    o Audit badge access and operator activities; generate reports as required.
    o Respond to escalations from badge system administrators regarding clearance issues.
    o Perform quarterly physical access audits for local and remote offices. (No travel required.)
    o Monitor physical security alerts; responding and escalating as appropriate.
    o Monitor CCTV alerts; responding and escalating as appropriate.

     

    • Other appropriate duties as assigned to drive forward progress for the firm.

    Qualifications

    3-5 years of Physical Security and/or Cybersecurity experience
    • 3-5 years of experience with McAfee email gateway, web gateway, SIEM, anti-malware and other
    tools is preferred.
    • 4-7 years of experience with establishing and monitoring information security controls
    • ISO 27001 experience is preferred
    • Certification(s) such as CISSP, CISA, CISM, CASP preferred
    • Have a good and relevant IT degree
    • Have a high-level of risk intelligence and security awareness
    • Have strong analytical, organizational, and decision-making skills
    • Have strong verbal and written communication skills. Must be able to interface and coordinate
    work efficiently and effectively with ISS personnel in locations around the globe.
    • Strong administrative skills, with effectiveness in developing tasks and managing time and resources
    to achieve target dates.
    • Be able to balance hands-on skills with consultancy skills.
    • Must be a productive team player.
    • Strong computer skills (Microsoft Word, Excel, PowerPoint, Outlook, etc.)
    • Off-hour/on-call support may be required.
    • Occasionally may be required to shift work hours to align with the US business day.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed