Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
- Gratuity calculator
  
  Check your gratuity amount
- HRA calculator
  
  Check how much of your HRA is tax-free
- Salary hike calculator
  
  Check your salary hike
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 2K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

WINNERS AWAITED!
- ABECA 2025
  
  WINNERS AWAITED!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

Add office photos

Engaged Employer

Equiniti

Compare

3.7

based on 344 Reviews

Video summary

120 Equiniti Jobs

Information Security Risk Analyst

EQUINITI ICS India Pvt Ltd

3.7

based on 344 Reviews

3-5 years

Chennai

1 vacancy

Information Security Risk Analyst

Equiniti

posted 3mon ago

Job Role Insights

Fixed timing

Key skills for the job

Medical Coding Supply Chain Management Legal Advisory Risk Management Information Security Testing Tools

+ 3 more

Job Description

Management Level

Business Division: GRCLS

Business Function / Department:

Job Title: Information Security Risk Analyst

Reporting to (Job Title): INFO SECURITY RISK MANAGER

Date:

Equiniti is a leading international provider of shareholder, pension, remediation, and credit technology. With over 6000 employees, it supports 37 million people in 120 countries.

EQ India began its operations in 2014 as a Global India Captive Centre for Equiniti, a leading fintech company specialising in shareholder management. Within a decade, EQ India strengthened its operations and transformed from being a capability centre to a Global Competency Centre, to support EQs growth story worldwide.

Role Summary

The Information Security Risk Analyst will work within a small team delivering a range of risk-related services. You will report to the Information Security Risk Manager; You will share the workload and activities of the Information Security Risk Management team, consisting of the Head and up to 5 other staff.

Core Duties/Responsibilities

Risk Identification, Assessment and Analysis

Assist and conduct comprehensive risk assessments to identify potential cybersecurity threats and vulnerabilities across EQ s infrastructure, data, applications, mobile and networks.
Utilise security tools and threat modelling techniques to evaluate the likelihood and impact of various security risks and identify the top priorities.
Analyse security data from multiple sources (including technical security documents, penetration testing tests and code scans) to provide insights into potential risks and security gaps.
Maintain Risk records and Risk Acceptances regarding IT, Information or Cyber Security in the Company s Risk Register/GRC tool.

Regulatory Requirements Identification

Research, identify and interpret, with the help of legal and compliance team, cyber security requirements and standards
Stay up-to-date with evolving cybersecurity regulations and legal requirements at local, national and international levels in which EQ operates.
Assist in compliance assessment and gap analysis to determine EQ s adherence to relevant cybersecurity regulations and frameworks. Ensure that these are incorporated into the Risk Process so that they are rigorously applied, where necessary, to new and changed IT systems and applications.

Third-Party Risk Management

Conduct Risk Analysis of existing and new third-parties playing a significant role in the Company s supply chain and with access to Company or customer data or the Company s systems
Track any significant risk issues arising to completion over agreed timescales.

Information Security Metrics & Reporting

Assist by collecting and organising data, helping to identify potential risks across various business units and prepare appropriate metrics and reports.
Support in the creation of regular and ad-hoc reports for Executives and senior management teams

Stakeholder Engagement

Engage with various developers and stakeholders across the business in selecting tailored security training on the training platform.
Engage in knowledge sharing sessions on emerging threats and security risk trends.

Risk Method Development

Assist the Information Security Risk Manager in developing and maintaining the EQ Security Risk Process.
Assist in developing and implement risk management strategies.
Collaborate with IT and security teams to implement technical measures like firewalls, encryption, and MFA.
Analysis and improvement of existing information security policies guidelines and procedures, creating new ones where required
Define best practice in the design and coding of proprietary systems developed by the Company and support the development teams in adhering to such practices with advice, education and provision of dynamic and static application security testing tools.

Skills, Capabilities and Attributes

The key skills and experience required for this role can be summarised as follows.

We are open-minded when it comes hiring candidates, we care more about attitude and aptitude rather than specific experience or qualifications. You should have accumulated at least 3-5 years technical experience in a security role within industry, assurance services or a consultancy.

Preferably, some experience is required of:

De facto or (inter)national standards for control, such as CoBIT, ISO 2700x, NIST CSF, etc.
Governance, Risk & Compliance (GRC) tools and methods
Experience in mobile, web application, infrastructure and cloud penetration testing.
Experience in mobile, web application, infrastructure and cloud penetration testing.
Demonstrable knowledge of the Cyber Kill Chain and MITRE ATT&CK Framework.
Good understanding of adversarial tactics, techniques, and procedures (TTPs) and their likelihood and impact to EQ.
Experience in evaluating existing cyber defences against identified threats and attacks to determine weaknesses and propose relevant detective or preventive control enhancements.

Benefits:

Being a permanent member of the team at EQ you will be rewarded by our company benefits, these are just a few of what is on offer:

3 days of additional leaves on & above statutory requirement along with 2 days of voluntary leaves to pursue the CSR initiatives
Business related certification expense reimbursement
Comprehensive Medical Assurance coverage for dependents & Parents
Cab transport for staff working in UK & US shift
Accidental & Life cover 3 times of concerned CTC

Employment Type: Full Time, Permanent

Read full job description