Compliance and Security (C&S) Subject Matter Expert

[Job Title]
Compliance and Security (C&S) – Subject Matter Expert
[Job Overview]

Compliance and Security Senior Technical Specialist part of the India Infrastructure Services team who will support a major region for the security related topics under C&S scope covering PAM, RSA, Vormetric, Proof point, Hardening. He / she would oversee these security platforms / tools and objectives in line with the global directives to keep the company safe. As an SME, you will be responsible for providing expert guidance, recommendations, and hands-on support in these areas to ensure the security and integrity of our organization's IT infrastructure. Your primary focus will be on designing, implementing, and maintaining robust security controls, policies, and technologies related to privileged access management, RSA solutions, Vormetric encryption, ProofPoint email security, and system hardening. You will collaborate with cross-functional teams and stakeholders to enhance the overall security posture of our organization.

[Technology and Sub-technology]

• Threat and Vulnerability Management
• Data Leak Protection (DLP)
• Privilege Access Management
• Identify and Access Management

[Base Location]

Bangalore
[Type]

Hybrid - WFH/In-office (visiting office as per company guidelines is mandatory)
[Qualifications]

• Education: Bachelor's degree in Information Systems, Information Technology (IT), Computer Science, Engineering, related programs, or equivalent experience.
• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
• Proficiency in implementing and managing Vormetric encryption solutions or similar encryption technologies.
• Experience in designing and configuring Proofpoint email security solutions or equivalent email security platforms.
• Extensive knowledge of system hardening principles, secure configuration standards (e.g., CIS benchmarks), and vulnerability assessment tools (e.g., Kenna, Qualys).
• Strong analytical and problem-solving skills with the ability to assess complex security issues and provide effective solutions.
• Excellent communication and interpersonal skills, with the ability to effectively convey complex technical concepts to both technical and non-technical audiences.
• Proven experience working as a Subject Matter Expert (SME) or Consultant in Privileged Access Management (PAM), RSA, Vormetric, ProofPoint, and system hardening (details below).

• IT Infrastructure experience is essential

• Privileged Access Management (PAM):

• Expertise in implementing and managing PAM solutions, such as CyberArk, Thycotic, or BeyondTrust.
• Knowledge of privileged account lifecycle management, including provisioning, deprovisioning, and access review processes.
• Familiarity with privileged session monitoring and recording.
• Understanding of privileged access policies, standards, and best practices.
• Proficiency in evaluating and mitigating risks associated with privileged accounts.
• Ability to design and implement privileged access controls and workflows.
• Experience in integrating PAM solutions with other security technologies and identity sources.
• Knowledge of compliance frameworks (e.g., PCI DSS, HIPAA) and their requirements related to PAM.

• Data Loss Prevention (DLP):

• Strong understanding of data classification and data handling requirements.
• Knowledge of DLP technologies and tools like Symantec DLP, McAfee DLP, or Forcepoint DLP.
• Ability to assess and classify sensitive data across various platforms and data repositories.
• Experience in designing and implementing DLP policies and rules.
• Proficiency in configuring and managing DLP agents, sensors, and monitoring consoles.
• Familiarity with incident response and investigation procedures related to DLP incidents.
• Understanding of regulatory compliance standards (e.g., GDPR, CCPA) and their impact on DLP implementations.
• Knowledge of encryption and data protection techniques.

• Identity and Access Management (IAM):

• Proficiency in IAM concepts, principles, and frameworks.
• Experience with IAM solutions like Okta, Azure Active Directory, or SailPoint.
• Knowledge of user lifecycle management, including user provisioning, deprovisioning, and access recertification processes.
• Understanding of identity governance and administration (IGA) processes and controls.
• Ability to design and implement IAM roles, entitlements, and access policies.
• Familiarity with single sign-on (SSO) and multi-factor authentication (MFA) technologies.
• Knowledge of directory services (e.g., LDAP, Active Directory) and their integration with IAM solutions.
• Understanding of federation protocols and standards (e.g., SAML, OAuth, OpenID Connect).

• Threat and Vulnerability Management (TVM):

• Expertise in vulnerability assessment tools like Nessus, Qualys, or Rapid7.
• Proficiency in conducting vulnerability scans and managing vulnerability data.
• Knowledge of common vulnerabilities and exposures (CVE) databases and vulnerability intelligence sources.
• Understanding of vulnerability management processes, including prioritization, remediation, and reporting.
• Experience in designing and implementing a vulnerability management program.
• Familiarity with penetration testing methodologies and tools.
• Knowledge of security assessment frameworks (e.g., OWASP, NIST SP 800-53) and their application to vulnerability management.
• Ability to analyze and interpret vulnerability scan results and provide actionable recommendations.

[Job Details]

• Serve as a subject matter expert and trusted advisor on Privileged Access Management (PAM), RSA, Vormetric, ProofPoint, and system hardening.
• Design and implement comprehensive Privileged Access Management (PAM) solutions to safeguard privileged accounts, enforce access controls, and monitor privileged activities.
• Provide guidance and best practices for the implementation and configuration of RSA solutions, including RSA SecurID, RSA Archer, and RSA NetWitness.
• Implement and maintain Vormetric encryption solutions to protect sensitive data at rest and in transit.
• Design and configure ProofPoint email security solutions to mitigate email-based threats, such as phishing, malware, and data leakage.
• Collaborate with infrastructure and operations teams to develop and implement system hardening guidelines, baselines, and secure configuration standards.
• Conduct security assessments, vulnerability scans, and penetration tests to identify and remediate security vulnerabilities.
• Collaborate with cross-functional teams to develop and enforce security policies, procedures, and standards.
• Stay abreast of emerging threats, vulnerabilities, and industry best practices related to Privileged Access Management, RSA, Vormetric, ProofPoint, and system hardening.
• Provide training and knowledge sharing sessions to technical teams and stakeholders on security technologies and best practices.
• Collaborate with incident response teams to investigate and remediate security incidents related to PAM, RSA, Vormetric, ProofPoint, and system hardening.

[Good to have Skills]

• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or vendor-specific certifications in PAM, RSA
• Familiarity with industry regulations and frameworks related to privileged access management and security hardening (e.g., NIST, PCI-DSS, ISO 27001).

[Responsibilities and Duties]

• Interface with engineering management and leadership to drive secure initiatives, planning, and resolve issues and conflicts early and within development lifecycle
• Facilitate secure engagement activities including security requirements, threat modeling, vulnerability analysis, and risk assessment
• Coordinate security incident and response activities, performing analysis, collaboration with engineering, and drive resolution of incidents
• Identify and drive process efficiency and optimization within the team, allocation of resources, ensuring milestones and targets are achieved
• Monitor and manage product risks, ensure key stakeholders are informed, plan and communicate intended outcomes
• Coordinate and collaborate with internal and external stakeholders including engineering, quality assurance, security architecture, governance, and certification entities to achieve department goals, risk reduction, and milestones
• Ensure security requirements are understood and applied in accordance with
• Security policies, applicable country laws, and regulations
• Promote and apply Zero Trust architecture and principles throughout service offerings
• Serve as a subject matter expert and trusted advisor on Privileged Access Management (PAM), RSA, Vormetric, ProofPoint, and system hardening.
• Design and implement comprehensive Privileged Access Management (PAM) solutions to safeguard privileged accounts, enforce access controls, and monitor privileged activities.
• Provide guidance and best practices for the implementation and configuration of RSA solutions
• Implement and maintain Vormetric encryption solutions to protect sensitive data at rest and in transit.
• Collaborate with infrastructure and operations teams to develop and implement system hardening guidelines, baselines, and secure configuration standards.
• Conduct security assessments, vulnerability scans, and penetration tests to identify and remediate security vulnerabilities.
• Collaborate with cross-functional teams to develop and enforce security policies, procedures, and standards.
• Stay abreast of emerging threats, vulnerabilities, and industry best practices related to Privileged Access Management, RSA, Vormetric, ProofPoint, and system hardening.
• Provide training and knowledge sharing sessions to technical teams and stakeholders on security technologies and best practices.
• Collaborate with incident response teams to investigate and remediate security incidents related to PAM, RSA, Vormetric, ProofPoint, and system hardening.
• Any other duties as assigned

[Keywords]

• Compliance & Security
• Security Tools – Beyond Trust, Delinea, McAfee
• Security Governance
• Security Operations
• DLP
• Kenna, Qualys
• Antivirus
• IT Infrastructure