Equiniti logo

Information Security Risk Analyst

Equiniti

Posted 3 days ago

About this role

Management Level

G

Equiniti is a leading international provider of shareholder, pension, remediation, and credit technology. With over 6000 employees, it supports 37 million people in 120 countries.  

EQ India began its operations in 2014 as a Global India Captive Centre for Equiniti, a leading fintech company specialising in shareholder management. Within a decade, EQ India strengthened its operations and transformed from being a capability centre to a Global Competency Centre, to support EQ's growth story worldwide.

Capitalising on India’s strong reputation as a global talent hub for IT / ITES, EQ India has structured the organisation to be a part of this growth story. Today, EQ India has evolved as an indispensable part of EQ Group providing critical fintech services to the US and UK.

EQ’s vision is to be the leading global share registrar, offering complementary services to its client base and our values set the core foundations to our success. We are TRUSTED to deliver on our commitments, COMMERCIAL in building long term value, COLLABORATIVE in our approach and we IMPROVE by continually enhancing our skills and services. There has never been a better time to join EQ.

Core Duties/Responsibilities

Risk Identification, Assessment and Analysis

  • Assist and conduct comprehensive risk assessments to identify potential cybersecurity threats and vulnerabilities across EQ’s infrastructure, data, applications, mobile and networks.
  • Assist in conducting comprehensive security risk assessments for internal systems, third-party services, and cloud-based infrastructure.
  • Review cloud architecture, deployment models, and services to identify gaps against industry best practices (e.g., CIS Benchmarks, NIST, ISO 27001).
  • Utilise security tools and threat modelling techniques to evaluate the likelihood and impact of various security risks and identify the top priorities.
  • Collaborate with DevOps and Cloud Engineering teams to advise on security controls and risk mitigation strategies in AWS, Azure.
  • Analyse security data from multiple sources (including technical security documents, penetration testing results and code scans)  to provide insights into potential risks and security gaps.
  • Assist in designing and recommending risk mitigation strategies based on assessment findings, including updates to policies, security controls and technical solutions.
  • Maintain Risk records and Risk Acceptances regarding IT, Information or Cyber Security in the Company’s Risk Register/GRC tool.

Regulatory Requirements Identification

  • Research, identify and interpret, with the help of legal and compliance team,  cyber security requirements and standards (e.g.  GDPR, NIST, ISO27001, SOX, AI Act, DORA).
  • Stay up-to-date with evolving cybersecurity regulations and legal requirements at local, national and international levels in which EQ operates.
  • Assist in compliance assessment and gap analysis to determine EQ’s adherence to relevant cybersecurity regulations and frameworks. Ensure that these are incorporated into the Risk Process so that they are rigorously applied, where necessary, to new and changed IT systems and applications.

Third-Party Risk Management

  • Conduct Risk Analysis of existing and new third-parties playing a significant role in the Company’s supply chain and with access to Company or customer data or the Company’s systems
  • Track any significant risk issues arising to completion over agreed timescales.

Information Security Metrics & Reporting

  • Assist by collecting and organising data, helping to identify potential risks across various business units and prepare appropriate metrics and reports.
  • Support in the creation of regular and ad-hoc reports for Executives and senior management teams

Stakeholder Engagement

  • Engage with various developers and stakeholders across the business in selecting tailored security training on the training platform.
  • Engage in knowledge sharing sessions on emerging threats and security risk trends.

Risk Method Development

  • Assist the Information Security Risk Manager in developing and maintaining the EQ Security Risk Process.
  • Assist in developing and implement risk management strategies.
  • Collaborate with IT and security teams to implement technical measures like firewalls, encryption, and MFA.
  • Analysis and improvement of existing information security policies guidelines and procedures, creating new ones where required
  • Define best practice in the design and coding of proprietary systems developed by the Company and support the development teams in adhering to such practices with advice, education and provision of dynamic and static application security testing tools.

Benefits:

Being a permanent member of the team at EQ you will be rewarded by our company benefits, these are just a few of what is on offer:

  • Business related certification expense reimbursement
  • Comprehensive Medical Assurance coverage for dependents & Parents
  • Accidental & Life cover 3 times of concerned CTC

We are committed to equality of opportunity for all staff and applications from individuals are encouraged regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships. Please note any offer of employment is subject to satisfactory pre-employment screening checks.

Job details

Workplace

Office

Location

Unit 3, India

Job type

Full Time

Similar

Company

Website

Visit site

Twitter

@equiniti

Jobr Assistant extension

Get the extension →