• Security Compliance Monitoring Specialist

Industry IT
Location Karnataka Bangalore
Experience Range 3 - 6 Years
Qualification any

Functional IT Software-Other
Job Description
About Us
“Magna Infotech, now Quess IT Staffing, is India’s largest IT staffing company with over 20 years of experience in staffing IT professionals in 300+ companies across levels and skillsets. Our 10,000+ associates deployed in 80+ cities and towns are proficient in over 500 technological skills. Our associates help enable cutting edge solutions some of the biggest names across industried. Quess IT Staffing is a division of Quess Corp Limited, India’s leading business services provider and largest domestic private sector employer. Quess Corp Limited is - ‘A Great Place to Work’ certified – a testament to our excellent culture, people, and processes.”
About Company
Roles and Responsibility
  • Job Description

    Exp- 3 to 6 years

    Notice- 15days to Immediate 

    "Security Compliance Monitoring Specialist

    Deliverables / Expectation

    Monitor, assess, validate, and report security compliance status based on defined policies and

    standards. Track and report the status of the compliance levels and enforce the deployment of

    expected controls.

    Tasks to be performed under this contract:

    a)         Support compliance / monitoring related projects;

    b)         Deploy regular assessment / validation of controls against ICT policies and standards;

    c)         Provide advisory to support decision-making activities related to control deployment;

    d)         Maintain cloud-based security solutions as Microsoft Threat, Security and Compliance Solutions


    e)         Manage KPI / metrics definition and evaluation about security compliance, including the

    follow up remediations actions.

    f)         Ensure the organizational exposure level reported by Microsoft Defender for Endpoint solution is

    at an acceptable level;

    g)         Monitor activities of third-party providers and ensure the highest level of compliance / customer

    service based on contract agreements;

    h)         Lead technical implementation/deployment of new solutions, products, and/or services through

    project management principles, and provide project?s documentation;

    i)         Provide technical support to business/system and technology owners to propose mitigation and

    remediation solutions to identified issues/security incidents;

    j)         Reviews ICT architectures and implementation details for design flaws, incorrect security

    implementation, and missing security controls;

    k)         Participate and execute security and risks assessments and evaluations of existing on-prem and/or

    cloud-based environments;

    l)         Conduct Microsoft 365 Compliance Manager?s Risk assessments (MS Purview);

    m)         Document and report on processes and procedures; additionally, provide advisory and/or create

    security policies based on international standards and regulations;

    n)         Responsible for composing essential project documentation (concept notes, workplan, roadmap,

    project closure report, RFP definition, periodically project progress reporting);

    o)         Perform such other duties as may be assigned by the direct supervisor.

    Performance indicators for the evaluation of results

    a)         Deliver project documentation requested by the direct supervisor during the agreed months,

    including advances of regular tasks as:

    a.         plan, design, and implement security controls;

    b.         monitor, assess, validate and generate reports related to deployed controls, findings, gaps,

    compliance levels and identified risks;

    c.         follow up and enforce the deployment of missing controls based on defined policies and


    b) During the agreed months, performs the needed operations and execution of the related tools,

    processes, and controls related to Information Security Unit Work Plan and Roadmap.

    Education, Experience, and/or skills required


    • University degree in Computer Sciences, Engineering or relevant field from an accredited
    • academic institution with 4 years of relevant professional experience;
    • Cloud computing certifications at the associate/professional/specialty level from Azure, M365,
    • and/or AWS are a distinct advantage;
    • ITIL and Prince2 Foundation are advantages;
    • Other Network, and Computer industry certifications would be an advantageExperience
    • 3+ years of experience with assessment, validation and reporting using solution as Power BI /
    • Power BI Builder / Power Automate;
    • 3+ years of Information Security / Cybersecurity / Compliance / Audit experience, working with
    • on-prem and cloud-based security solutions (e.g., Microsoft Threat Protection suite, AWS Security
    • Solutions, Zscaler, Intune);
    • 2+ years of relevant security analysis and reporting work experience (security consulting).
    • Skills
    • Strong knowledge and experience in Microsoft Azure, Microsoft Active Directory; Microsoft Azure
    • Active Directory
    • Demonstrated technical skill in infrastructure architecture, application, data security, and cloud
    • computing with emphasis on Microsoft Azure, M365, and AWS;
    • Demonstrated ability to analyze system services, operating systems, networks, and applications
    • from a security perspective and discover security issues that appear under new threat scenarios;
    • Strong knowledge of compliance, controls deployment
    • Strong knowledge of reporting tools (e.g., MS Excel, Power BI, Power BI Report Builder);
    • In-depth and advanced knowledge of TCP/IP protocol, WAN and LAN technologies, Virtual Private
    • Networks and network management, security and documentation, including network brands as
    • Cisco, Kemp, Fortinet;
    • In-depth understanding of Microsoft based networks including Windows Server, Microsoft
    • Exchange Online, DNS, DHCP, and other Windows network technologies (cloud and on-prem);
    • In-depth understanding of Microsoft based security solutions: Azure Defender, Microsoft 365
    • Defender, Security Center, Azure Defender, Azure Sentinel, Insider Risk Management / DLP

    800-53, and CIS Controls.

    Work Schedule: 8:00am to 5:00pm Geneva Time

    Service Duration: 12 months"


    policies, Defender for IoT;

    Knowledge of incident, request, change, and configuration management as applied to IT Service

    Management. Foundation level certification in ITIL is highly desired.

    Strong level familiarity with Cyber Security Regulatory Compliance bodies such as ISO 27001, NIST

    A+| A| A-