Senior Tech Lead - Information Security
11069 Ameriprise India- Noida
Ameriprise Financial Services
Get financial planning advice and retirement investment advice from Ameriprise financial advisors at ameriprise.com.Key Responsibilities
- Information Security Governance
- Identity & Access Governance
- Policy/Procedure Management and Enforcement
- Reporting/Metrics
- Provide timely and effective operational support for the firm's information security tools, processes and practices in the Identity and Access space. Use standard technology monitoring tools to monitor assigned environments and/or technical assets and identify/detect behavior outside of established standards. Escalate key security issues to the appropriate team to be addressed. Assist with security assurance testing activities.
- Monitor compliance with information security and identity policies and practices and any applicable laws. Assist with internal and external security risk assessments, risk analysis and application or system-level access reviews and attestations. Coordinate/facilitate access and entitlement reviews for individual applications, business lines, and the enterprise at-large.
- Assist with the research, development, continuous improvement and implementation of identity policies, procedures, standards, and processes based on compliance requirements and industry best practices. Document the identity governance requirements, processes and procedures. Enforce information security and identity policies and procedures by reviewing violation reports, investigating possible exceptions, and documenting controls.
- Prepare status reports on identity and access matters that are used for a variety of purposes - tracking and monitoring security breaches, forensic investigative activities, remediation plan management and risk management & compliance reporting. Effectively manage and prioritize ad-hoc reporting requests, scorecards, and standard departmental reporting. Coordinate with internal team and external auditors to provide documentation of compliance assessments, support, and remediation activities.
- Maintain and develop knowledge of identity & access management trends, new identity technologies and best practices. Conduct security and industry specific research to keep self and the firm abreast of the latest security issues and regulatory developments that may impact existing policies, procedures, and practices. Participate in information security education, training and awareness activities for technology and business teams.
- Enhances organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
Required Qualifications:
- Bachelor’s degree in computer science, management information systems, or related technical field; or equivalent work experience.
- 10+ years of experience in Information Security Services, Cybersecurity, or related technical field.
The successful candidate will need to demonstrate proficiency in at least one of verticals below:
- Identity & Access Governance suites such as RSA Identity Governance & Lifecycle (formerly Aveksa) or other competitor products such as SailPoint or Saviynt.
- Privileged Account Management such as, Services and Processes [CyberArk] or other competitor products such as Beyond Trust, Thycotic, Delinea, Arcon, Hashicorp.
- At least one of the following Cloud Governance technologies: AWS, Azure, GCP with experience in securing key services such as AWS Secrets Manager or Azure KeyVault.
In addition, the successful candidate will need to meet below requirements:
- Interested in gaining broad experience in Information Security Services.
- First level knowledge and/or demonstrated technical ability to understand code and technology infrastructure in multiple environments with experience in the below languages [Powershell, Python, Regular expressions-based programming]
- Demonstrated basic understanding of the Software Development Lifecycle (SDLC) and programming/development procedures.
- Work experience that spans the Identity & Access Management or Governance, Risk, and Compliance security domains.
- Working knowledge of information security and computer network/system access technologies.
- Experience working in the financial services industry or other highly regulated/compliance-oriented environments.
- Good understanding of security controls, monitoring systems and regulatory/business drivers that impact security policies and practices.
- Effective oral and written communication skills
- Critical thinking and thought leadership skills including logical, analytical, and abstract rational skills.
- Strong attention to detail, follow-through, and time management skills.
- Working with technical and business users on platform related questions/issues
- Demonstrated aptitude to quickly learn and apply new tools and processes
- Defining business, user, and systems requirements
- Developing user acceptance test plans
- Business Analysis
- Building Process Flows
- Data Analytics
- Experience creating SQL queries and reports
- Presentations (Creating and Delivering)
- Project Coordination
- Risk Identification and Remediation
- ITIL (Change, Problem, Incident, Configuration) Management
- Direct client experience, including working with client teams in both on-site and offshore models.
Location: Gurugram/Noida/Hyderabad
Shift Timings: 2:00 -10:30 pm
Cab Provided: Yes
Preferred Qualifications:
Identity & Access Governance (IAG) Capabilities:
- Access Review / Attestations
- Joiner/Mover/Leaver
- Role Based Access Controls (RBAC)
- Access Request
- Provisioning / De-Provisioning
Privileged Access Management (PAM) Governance Capabilities:
- Password Management
- Credential Access Management
Basic knowledge and experience with:
- Operating Systems (Windows, Linux, Mainframe, etc.)
- Directories/LDAP Constructs (Active Directory, Oracle, etc.)
- Databases/RDBMS/AWS RDS Constructs (Oracle, SQL, DB2, RDS etc.)
- Authentication / Authorization Constructs (Directory, Hybrid, Native Source)
- Data Formats (XML, CSV, etc.)
- Development / Programming / Scripting
- SQL for data analytics & reporting
- AWS and Azure cloud IAG/IAM/PAM
Experience troubleshooting data issues.
Audit Response (Artifact creation and delivery)
Compliance Types (SOX, SOC1, SOC2, SOX, NYDFS, FINRA, SEC, GLBA, HIPAA, IT Compliance, etc.)
CISSP or similar security certifications.
About Our Company
Ameriprise India LLP has been providing client based financial solutions to help clients plan and achieve their financial objectives for 125 years. We are a U.S. based financial planning company headquartered in Minneapolis with a global presence. The firm’s focus areas include Asset Management and Advice, Retirement Planning and Insurance Protection. Be part of an inclusive, collaborative culture that rewards you for your contributions and work with other talented individuals who share your passion for doing great work. You’ll also have plenty of opportunities to make your mark at the office and a difference in your community. So if you're talented, driven and want to work for a strong ethical company that cares, take the next step and create a career at Ameriprise India LLP.
Ameriprise India LLP is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, genetic information, age, sexual orientation, gender identity, disability, veteran status, marital status, family status or any other basis prohibited by law.
Full-Time/Part-Time
Full timeTimings
(2:00p-10:30p)India Business Unit
AWMPO AWMP&S President's OfficeJob Family Group
Technology* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory Analytics AWS Azure CISSP Cloud Compliance Computer Science CSV Cyberark Data Analytics GCP GLBA Governance HIPAA IAM ITIL LDAP Linux Mainframe Monitoring Oracle PowerShell Python RDBMS Risk analysis Risk assessment Risk management RSA SailPoint Scripting SDLC SOC 1 SOC 2 SOX SQL Vulnerabilities Windows XML
Perks/benefits: Career development Insurance Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Engineer jobs
- Open Cloud Security Architect jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Security Consultant jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information System Security Officer jobs
- Open IT Security Analyst jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open DevSecOps-related jobs