We use cookies to improve your experience on our site. To find out more, read our privacy policy.

WTW Jobs

Home View All Jobs (894)

Job Information

WTW Information Security Analyst (Business Security Operations) in Mumbai, India

Job Summary

  • As the Information Security Associate within the Business Security Operations (Bus Sec Ops) team, you will be responsible for implementing and maintaining information & cyber security practices across WTW.

  • Candidate would be required to gain a high-level of knowledge and understanding of critical technology applications and security standards.

  • You will need to take a leadership role in building security testing framework for web-based applications which includes Threat Profiling, DAST, SAST, Security Architecture, and Penetration testing.

  • In this role, you are expected to understand the organization’s information & cyber security strategy and standards while working collaboratively with technology teams to implement and maintain sound security practices.

  • This role resides in our Information & Cyber Security (ICS) team within Corporate IT.

Responsibilities & Duties

  • Build and maintain effective relationship with technology teams and ICS stakeholders

  • Foster a culture of information and cyber security best practices though awareness and support

  • Stay up to date with the latest application security developments and security trends to continually improve internal processes

  • Hold good understanding of Application & Infrastructure testing methodology & support development teams in the remediation of vulnerabilities

  • Work with development teams to improve the secure software development lifecycle

  • Engage in information security activities to support client/business engagements i.e., incidents, vulnerabilities, development lifecycles, risk management and emerging threats

  • Ability to coordinate and execute security testing for applications and cloud environments

  • Engage with key stakeholders to support internal and external audit activities to ensure compliance with regulations such as: SOC, FCA, NYDFS, GDPR, HIPAA

  • Demonstrate a good understanding of security regulations and data privacy laws

  • Support the risk identification & exceptions management processManage and oversee adhoc projects related to maturing information and cyber security controls across the organization

Technical Skills:

  • Degree in a relevant Information Technology area preferably with a focus on information security

  • Significant experience in managing and patching vulnerabilities across a host of assets

  • Expert understanding of all aspects of information security principles, policy and its application in business and technology areas

  • Understanding of core cloud security principles

  • Knowledge and experience on supporting information security audits

Education Qualification : Degree in a relevant Business or Information Technology area

DirectEmployers