Sr. Security & Threat Research Analyst, Information Security
Pune Area, India
- Designing of IT Security Standards (Technical/Procedural controls) for various Operating Systems, Databases, Web Servers, Applications. Working as a part of CIS (Centre for Information Security) consensus team to create and review various IT Security Benchmarks, used across the security industry.- Development of Neutral and Harmonized Control statements, similar to UCF. - Mapping of Control statements to various slots such as IT controls, Risk Events, IT Governance requirements, IT security Policies, and various industry Mandates/frameworks and best practices such as ISO 27001/2, PCI-DSS, CObIT, HIPAA, CSA, UCF, IT Objectives for SOX etc.- Analysis for IT Risk Management, Risk Scoring, Risk assessment.- Providing Innovative Security and Compliance features to Product Management team for validating with marketing and customers.