Senior InfoSec Auditor

Job Description

Our Company

Changing the world through digital experiences is what Adobeu2019s all about. We give everyoneu2014from emerging artists to global brandsu2014everything they need to design and deliver exceptional digital experiences! Weu2019re passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen.u00A0

Weu2019re on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours!

u00A0

Job Requisition: Senior InfoSec Auditor

Our Company

Changing the world through digital experiences is what Adobeu2019s all about. We give everyoneu2014from emerging artists to global brandsu2014everything they need to design and deliver exceptional digital experiences. Weu2019re passionate about empowering people to craft beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen.

Weu2019re on a mission to hire the very best and are committed to building exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours!

The Opportunity

Adobeu2019s Risk Advisory and Assurance Service (RAAS) function, formally Global Audit, is seeking an experienced Information Security professional to assess the design and effectiveness of Information Security & Technology controls across Adobeu2019s technology landscape. The candidate must have a good insight and understanding of the Technology and Cyber Security risks in line with regulatory and other compliance requirements. This position will be based in Adobe's Bangalore Office.

What you will Do

• Work under the supervision of the RAAS Group Manager to plan, scope, and evaluate the design and efficiency of the internal controls (On-prem and public Cloud)
• Conduct Cyber Security Assessments, including Security Architecture reviews, Design and workflow assessments, Configuration reviews, Cloud Security Reviews, VA/PT, and emerging risks such as ransomware.
• Perform Information Security-related assessments to cover domains such as User Access Management, Network, OS, and application Security, Encryption, Backup Management, Disaster Recovery, Training, and awareness.
• Evaluate and review the Security Architectures, Designs, and Cloud platform and supporting technologies
• Support the delivery and scaling of the SOX program. Hands-on with the design and testing of IT General Controls (ITGC) & IT App Business controls
• Assist with the development of project plans, which include scope, schedule, cost, quality, organization, communication, staffing, risk, and issue management
• Present insightful dashboards and reports to demonstrate our overall risk posture to the management
• Stay abreast of Security trends, emerging technology, and cybersecurity field developments

What you need to succeed

• Bachelor's or Masteru2019s in Information Systems, Computer Science, and Information Technology.
• Minimum 3-5 years of experience in Information Security.
• The candidate should hold a relevant credential such as CISA, CISSP, CRISC, or CCSP. Other certifications, such as AWS/Azure Architect and security specialty, are a plus.
• Experience in one or more of the following areas: Application security, Linux/Windows system security, Network Security (Firewalls, Switches, Routers, LAN, WAN Security), mobile device security, wireless security, cloud technologies (IaaS, SaaS environments, etc.), and web technologies.
• Experience with implementing and auditing security controls for Cloud environments (AWS, Azure, Google Cloud, etc.) is a must!
• Familiarity with the Common Vulnerability Scoring System (CVSS) and other Vulnerability Management Databases (e.g., CVE)
• Solid understanding of information security & Governance frameworks like COBIT, NIST, ISO 27001, and regulatory compliances like SOX, GDPR, PCI-DSS
• Capable of interpreting these requirements and translating them into relevant considerations for GRC processes, risk management, and controls.
• Knowledge of vulnerability assessment and penetration testing (Infrastructure & Web Application).
• Knowledge of Controls Automation and Continuous Monitoring practices
• Effective communication skills to cultivate positive collaboration with colleagues from diverse technical backgrounds.
• Strong analytical and problem-solving skills, incl. the ability to research and simplify sophisticated situations
• Ability to prioritize multiple projects simultaneously and prioritize tasks to meet project timelines.
• Good interpersonal, oral, written, and presentation skills.
• The candidate must be an excellent teammate, self-motivated, and have a can-do demeanor. Ability and willingness to travel (approx. 10%).

At Adobe, you will be immersed in an exceptional work environment that is recognized worldwide on Best Companies lists. You will also be surrounded by colleagues who are committed to helping each other grow through our unique Check-In approach, where ongoing feedback flows freely.

If youu2019re looking to make an impact, Adobe's the place for you. Discover what our employees are saying about their career experiences on the Adobe Life blog and explore the important benefits we offer.

Adobe is an equal-opportunity employer. We welcome and encourage diversity in the workplace regardless of gender, race or color, ethnicity or national origin, age, disability, religion, sexual orientation, gender identity or expression, or veteran status.

Adobe is proud to be anu00A0u00A0and affirmative action employer. We do not discriminate based on gender, race or color, ethnicity or national origin, age, disability, religion, sexual orientation, gender identity or expression, veteran status, or any other applicable characteristics protected by law.u00A0
u00A0

Adobe aims to make Adobe.com accessible to any and all users. If you have a disability or special need that requires accommodation to navigate our website or complete the application process, emailu00A0u00A0or call (408) 536-3015.

Adobe values a free and open marketplace for all employees and has policies in place to ensure that we do not enter into illegal agreements with other companies to not recruit or hire each otheru2019s employees.