The unit’s primary purpose is to assess and evaluate security risks and information security
principles/patterns/controls across all products and platforms, and to advise the team on mitigating the
risks evaluated by security assessments.
Primary/General Job Purpose:
Encourage ‘Shift Left’ Mindset – Proactively embed security requirements, by influencing
implementation of security & privacy patterns from the start of the development cycle.
Secondary/Specific Job Purpose:
You will perform security assessment as per security controls for the Data Domain which includes
Big Data Platforms, Data Warehouses, Streaming Technologies, and Reporting Engines. (Examples: Hadoop, HANA, Power BI, etc.)
You will be required to come up with innovative methods to meet demand from the Technology
Platform – Data and Advance Analytics domain to ensure security and privacy controls become part of the automated platform that they will build to serve the entire Group IT. This would include
migration to new age technologies from Legacy components as part of the bank’s vision for Digital
You will deal with largely hybrid platforms and hence would require solid hands-on experience with
understanding and implementing security requirements for big data technologies which use
performant archival and real-time data ingestion mechanisms, work on extract-transform-load and
diligent design patterns for data delivery to business/internal or customer/external requirements.
This will also require you to work on Zero Trust Architectures securing access to customer data
embedding Privacy and Security by Design with controls such as defined under GDPR, PCI, & other
applicable regulatory / compliance standards etc.
You would be required to come up with solutions to secure off-the-shelf and open-source products
integrated into a banking environment with data security centricity and advise the teams on security
vulnerabilities in open-source technologies such as PySpark, pandas, NumPy, etc.
You are required to know and understand implementation of data platforms and streaming engines
deployed on Kubernetes or similar orchestration environments.
You would be required to design security solutions for encryption, anonymization, data integrity,
and policy control features in large scale infrastructures which will cater to response for data
security incidents and audit programs for technology-based controls.
You will influence the implementation of security controls & patterns for the technology platform
product using a mix of your superior technical, security, people, process & persuasion skills while
ensuring high customer service ratings and adequate stakeholder, expectation, and perception
You should be comfortable with creating Python scripts and have an in-depth knowledge of Python and R.
You should be familiar with Anaconda and other Python IDEs.
You should be familiar with concepts related to data modelling, machine learning, and statistical analysis.
You would be required to translate technical vulnerabilities into business risks and explain the impact of these vulnerabilities in business-friendly language along with organization-specific controls.
Perform security reviews for data platforms, such as data reviews, ETL reviews, etc., and advise the
team on masking requirements as per data standards such as PCI-DSS and as per the bank’s data
privacy control guidelines.
Access controls implemented on Hadoop Data platforms and perform Security reviews periodically.
Use a ‘Data Centric Security Approach’ to accurately ascertain Asset Criticality for business products
and/or technology assets by using a defined process
Conduct Data / Asset Classification & arrive at overall Asset Criticality by liaising with business &
technology stakeholders and oversight functions
Conduct Reviews for Data Access requirements from Data engineers within your Squads to analyse
requirements and advise GISO and RISK team.
Participate in the creation of new security patterns (where non-existent)
Ensure inclusion of security requirements/patterns and non-negotiables in the High-Level Design
Attend relevant Agile ceremonies to ensure inclusion & execution of Evil Stories/Misuse Cases as
part of secure development
Research and propose practical solutions, whether open-source, enterprise, or self-developed
(e.g. via scripting), that will help implement the defined security pattern
Ensure inclusion of relevant regulatory requirements into patterns with the help of the Business
Information Security Office (BISO).
Bachelor’s degree in a computer-related field such as computer science, cyber/information security
discipline, physics, mathematics or similar
General Information Security: CISSP, CISM/CISA, OSCP, OSCE or similar
Specific Security Related Certifications: SAP Certified Technology Professional –
System Security Architect, CCA HDP Administrator Exam or similar
Specific Data Platforms & Security: Hadoop, SAP HANA, Microsoft BI, Cognos, QlikView, Sybase or
Tools: Ranger, Trino, Knox, Atlas, Spark, Flume, Pig, Ignite, Anaconda, Jupyter Notebook, PySpark,
Neo4j, RStudio and similar
Specific Streaming Platforms: Kafka, Flink, Beam, MirrorMaker or similar