The unit’s primary purpose is to assess and evaluate security risks, embed information security principles/patterns/controls into all products and platforms, and advise the team on mitigating the risks evaluated by security assessments.
Primary/General Job Purpose:
Encourage ‘Shift Left’ Mindset – Proactively embed security requirements, by influencing
implementation of security & privacy patterns from the start of the development cycle
Secondary/Specific Job Purpose:
- You will be required to come up with innovative methods to meet demand from the Technology Platform – Data and Advance Analytics domain to ensure security and privacy controls become part of the automated platform that they will build to serve the entire Group IT. This would include migration to new age technologies from Legacy components as part of the bank’s vision for Digital Transformation.
- You will perform security assessments as per security controls for the Data Domain, which includes Big Data Platforms, Data Warehouses, Streaming Technologies, and Reporting Engines (for example: Hadoop, HANA, Power BI, etc.).
- You are required to know and understand the implementation of data platforms and streaming engines deployed on Kubernetes or similar orchestration environments.
- You will deal with largely hybrid platforms and hence would require solid hands-on experience with understanding and implementing security requirements for big data technologies which use performant – archival and real-time data ingestion mechanisms, work on extract-transform-load and diligent design patterns for data delivery to business/internal or customer/external requirements. This will also require you to work on Zero Trust Architectures securing access to customer data, embedding privacy/compliance standards.
- You would be required to come up with solutions to secure off-the-shelf and open-source products integrated into a banking environment with data security centricity, and advise the teams on security vulnerabilities in open-source technologies such as PySpark, etc.
- You would be required to design security solutions for encryption, anonymization, data integrity, and policy control features in large-scale infrastructures which will cater to response for data security incidents and audit programs for technology-based controls.
You will influence the implementation of security controls & patterns for the technology platform
product using a mix of your superior technical, security, people, process & persuasion skills while
ensuring high customer service ratings and adequate stakeholder, expectation, and perception
Perform security reviews for data platforms, such as data reviews, ETL reviews, etc., and advise the
team on masking requirements as per data standards such as PCI-DSS and as per bank’s data privacy
Access controls implemented on Hadoop Data platforms and perform Security reviews periodically.
Use a ‘Data Centric Security Approach’ to accurately ascertain Asset Criticality for business products
and/or technology assets by using a defined process
Conduct Data / Asset Classification & arrive at overall Asset Criticality by liaising with business & technology stakeholders and oversight functions
Conduct reviews of data access requirements from data engineers within your Squads to analyze requirements and advise the GISO and RISK team.
Participate in the creation of new security patterns (where non-existent)
Ensure inclusion of security requirements/patterns and non-negotiables in the High-Level Design (HLD) document
Attend relevant Agile ceremonies to ensure inclusion & execution of Evil Stories/Misuse Cases as part of secure development
Research and propose practical solutions, either Open-Source or Enterprise OR developed by self (e.g. via scripting) that will help implement the defined security pattern
Ensure inclusion of relevant regulatory requirements into patterns with the help of the Business Information Security Office (BISO)
Bachelor’s degree in a computer-related field such as computer science, cyber/information security
discipline, physics, mathematics or similar
Master’s degree in business administration, information security, human resource management,
finance or international business or executive education from reputed institutes like Harvard
General Information Security: CISSP, CISM/CISA or similar
Specific Security Related Certifications: SAP Certified Technology Professional –
System Security Architect, CCA HDP Administrator Exam or similar
Specific Data Platforms & Security: Hadoop, SAP HANA, Microsoft BI, Cognos, QlikView, Sybase or
Tools: Ranger, Trino, Knox, Atlas, Spark, Flume, Pig, Ignite and similar
Specific Streaming Platforms: Kafka, Flink, Beam, MirrorMaker or similar