1. Home
  2. Operational Security Engineer

Offers “CGI”

New
CGI

Operational Security Engineer

  • Chennai (Chennai)
Apply Now

Job description

Position Description:

Direct Responsibilities

• Infrastructure Vulnerability Management Responsible to identify, classify, prioritize and remediate vulnerabilities in organization infrastructure. Ensure the regular coverage of infrastructure assets in vulnerability assessment by service providers Collaborate with IT Dev and Prod teams to remediate identified vulnerabilities and ensure that all remediation efforts are tracked and documented. Provide regular reports to management on vulnerability management activities, including identified vulnerabilities, remediation efforts and compliance status. Collaborate with IT teams, management and other stakeholders to ensure that vulnerability management efforts are aligned with business objectives. Ensure that vulnerability assessment tools such as Rapid7 Nexpose, Tanium, Qualys are configured to meet the expected quality assessment and by fine-tuning the vulnerability assessment plugins.

• Application Security Ensure the effective implementation of Secure SDL including the DevSecOps and Threat modelling practices. Identify and implement the latest security standards for internet facing and internal assets Improve the Vulnerability Management at the application level in terms of efficiency as well as effectiveness (including Static Acceptance Security Testing – SAST, Dynamic Acceptance Security Testing – DAST and Software Composition Analysis – SCA). Perform Security risk assessments and reviews to be presented to respective committees Ensure the adequate security level for all WM GAIM applications, whatever the IT project manager’s location and hosting provider

• Cybersecurity Ensure the protection of WM business data with an adequate security level of WM assets based on review processes Ensure the coordination with other IT security or other actors in the region or globally Assist for a Risk Treatment for any APAC WM issue, based on the processes Identify the IT security risks in advance, record and follow-up them Define and contribute to processes from cybersecurity perspective Periodic reporting of security status to IT Security Domain Head Ensure the regular reporting for management follow-up Ensure to follow-up on the DLP, Incident Management topics with by investigating and following with handlers until the issue is closed. Ensure to onboard the Assets & Applications in SIEM and handling BAU, create / update relevant documents.

• Production Security Ensure the effectiveness and success of vulnerability management process Ensure the compliance level of the production environment and integrate to reporting

• IT Security Compliance (delegation on WM APAC scope) Ensure the alignment with the Group and WM GAIM security policies, for both project and production assets Ensure the compliance with regulatory bodies requirements, including for APAC (HKMA, MAS), EU (GDPR), Switzerland (FINMA) Leveraging on a deep knowledge of Security standards such as NIST, CIS,ISO2700x , ensure the compliance with the IT security requirements Ensure the compliance with the Third-party Technology risks and the Cloud security Identify the process gaps and provide solutions

• Coordination with IT Security actors Alignment on the objectives and means, contribution to the different global reporting (WM Cybersecurity Committee, Application Security Dashboard…) Coordination and control of security activities performed by APAC Business Information Security and Production Security teams, including production security review, user security awareness for the WM scope. Coordination with the global security teams concerning integration of WM assets within production sites Keeping abreast of initiatives by the IT Security community within the Group and other IT Security stakeholders within the Group

Skills:

·  Compliance
·  Vulnerability Management(IAVM)

What you can expect from us:

Together, as owners, let’s turn meaningful insights into action.

Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…

You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.

Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.

You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our team—one of the largest IT and business consulting services firms in the world.

Make every future a success.
  • Job directory
  • Business directory
    •