Responsibilities:
- Provide leadership and direction in all aspects of IT security operations, including incident response, threat detection, and security incident management.
- Review business portfolios and software requirements to effectively determine security testing for various requirements like Web application, Privilege management, Data validation, Access control, Cryptography.
- Develop and maintain incident response plans and procedures, conducting regular tabletop exercises and incident simulations.
- Identify and mitigate security risks through proactive monitoring, threat intelligence analysis, and security awareness programs.
- Stay current with industry standard development and software technologies and competencies, including in-depth knowledge and understanding of computer applications, knowledge of risk assessment methodologies and frameworks.
- Test the logical access control data analysis for the application and identity the access violations with in the application.
- Developing and designing security devices and software to ensure the safety of clients’ or internal products and information
- Managing security measures for information technology system within a networked system
- Manage a team that will execute/maintain a master test plan and/or the project plan, create or assist in a comprehensive security test plan, generate test cases and/or scenarios based on the requirements and/or other project documentation.
- Working on Operating system (Windows/Linux)
Requirements:
- Minimum of 8 years of IT security experience is operations, engineering and projects.
- Minimum 5 years of experience in Security tools management ,vulnerability assessment, understanding and validating the security policies and their implementation by leading a team of product SMEs.
- Bachelor Degree or MS degree in Computer Science or a related technical discipline.
- Ability to communicate the impact of security vulnerabilities and their potential risk to key stakeholders of various backgrounds.
- Good knowledge of Antivirus Solutions / Endpoint AV Solution, Web Filtering solution:- Cloud based Proxy, Database Security solution.
- Flexible and creative in finding alternative solutions and/or workarounds where security resolutions are in conflict with available resources or solution designs.
- Working knowledge of devices such as SIEM, PIM, IDS/IPS, Web filtering solutions, Email gateway solution.
- Knowledge of Operating system (Windows/Linux) working is desirable.
- Should have experience on client management and have clear communication.
- Should have experience on client management and have clear communication. He should be having strong understanding on the different ITSM process in an organization (Change Management/Incident Management/Release Management etc.)
- Strong knowledge in analysis of web applications, scanning and preparing vulnerability assessment reports using commercial security testing/scan tools like Nessus Security center, Symantec Compliance Control Suite.
- Should have basic understanding of project life-cycle and should have handled/Implemented information security projects in his tenure.
- Experience in managing data center activities is added advantage
- Industrial Standard certifications like CISSP/CISM are highly desirable. Product and Cloud security certifications are good to have.
Product Expertise: -
1. Antivirus Solutions
2. EDR/ ATP/ DLP/ DNAC endpoint security solutions..
3. IDS/IPS, traffic aggregators and WAF solutions.
4. Advance persistent threat
5. Compliance/VA tools
6. PIM/PAM Solution management
7. Web Filtering solution (Proxies): - Zscaler/ WSS/McAfee
8. Email Gateway solution: - Symantec Messaging Gateway
9. Data Base Security.
10. SIEM SaaS and Cloud Security tools.
