Community Manager

Job Title: Manager Information Security – IT

Job Purpose: Acting in a key technical management & execution capacity to provide a conduit between IT teams and key business stakeholders in your functional area of IT Security to ensure MSR information technology needs are managed consistently, following professional IT and global standards, and delivered with a high level of quality and customer satisfaction.

Reward level: Middle Management

Job Location Gurgaon

Experience 10+ years

Relevant Experience 7+ years

Reporting to: General Manager

Qualification: Bachelor’s degree in IT

Key Deliverables:

·        Provide support as Lead auditor towards ISMS and PIMS policies, procedures, and guidelines and perform regular review and update.

·        Perform deep assessment to gather evidence of continuous compliance with ISO 27001:2022 and ISO 27701:2019, DPDPA, IT Act and Cert In Regulation including audit logs, records of reviews, timely closure of open audit and risks and sharing the report with management.

·        Conduct regular, documented information security and privacy risk assessments identifying assets, threats, vulnerabilities, likelihood, and impact with stakeholders.

·        Prioritize identified vulnerabilities, detailed findings, remediation recommendations, trending reports on vulnerability posture towards closure with stakeholders.

·        Development and implementation of a comprehensive, ongoing security awareness and training program for all employees.

·        Encourage secure behaviours among colleagues and reinforce the importance of information security and privacy in daily operations.

·        Prepare regular report on overall information security posture, GRC maturity, and risk landscape to relevant stakeholders

·        Ability to collect lessons learned from incidents, audits, and assessments to drive continuous improvement in ISMS/PIMS and security processes.

Key Relationships:

·        Internal IT and business customers in MSR.

·        Global IT Vendor, market and global (HQ) colleagues, Local vendor partners

·        Internal staff - direct reports (where applicable)

·        IT vendors, contractors (where applicable)

Knowledge Skills and Abilities:

·        Must possess and demonstrate ISO 27001 Lead Implementer/Auditor and ISO 27701 Lead Implementer/Auditor certifications and knowledge.

·        In depth understanding of IT Act, DPDPA, Cert In regulations, CIS Controls as well as UK DPA and ISO 31000

·        Good to have certification on CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional) and Cloud Security certifications (e.g., CCSK, CCSP, vendor-specific like AWS Security Specialty)

·        Familiarity with common vulnerability scanning tools like Qualys (features, reporting, agent-based vs. network scans) and Cloud Security Posture Management (CSPM) tools like Wiz (cloud service provider configurations, misconfigurations, compliance checks in AWS, Azure, GCP).

·        Understanding of various penetration testing types (e.g., network, web application, API, mobile, cloud) and methodologies

·        Knowledge of common attack vectors and exploitation techniques like MITRE ATTACK and DEFEND framework.

·        Basic to intermediate knowledge of common security controls and technologies (e.g., firewalls, EDR, Cloud Security, VAPT tools, SIEM, WAF, DLP, encryption).

·        Understanding of network protocols, operating systems (Windows, Linux), and common application architectures.

·        Knowledge of audit principles and practices (internal and external audits).

·        Understanding of corrective action planning and non-conformity management.

·        Understanding of third-party risk management principles and vendor due diligence processes.

·        Excellent technical writing skills for creating clear, concise, and comprehensive security policies, standards, and procedures.

·        Ability to analyse complex risk data and present actionable insights.

·        Hands-on experience with Qualys for configuring scans, analysing reports, and managing vulnerabilities.

·        Hands-on experience with Wiz CSPM for monitoring cloud environments, identifying misconfigurations, and generating compliance reports.

·        Proficiency with GRC platforms or tools for managing policies, risks, and controls

·        Exceptional verbal and written communication skills to articulate complex security concepts to technical and non-technical stakeholders

·        Ability to build strong relationships and collaborate effectively with diverse teams (IT, Legal, HR, Development, Business Units).

·        Skills in influencing behaviour and driving change across the organization to improve security posture.

·        Strong analytical skills to diagnose security issues, identify root causes, and develop effective solutions.

·        Ability to critically evaluate security controls and identify gaps.

·        Contract review and negotiation skills specifically for security-related services.

·        Ability to effectively manage vendor relationships and performance.

·        Ability to develop and deliver engaging security training sessions and awareness campaigns.

·        Ability to stay updated with the latest security threats, vulnerabilities, technologies, and regulatory changes.

·        Capacity to quickly learn and adapt to new tools and methodologies.

·        Meticulous attention to detail in policy creation, audit documentation, and vulnerability analysis.

·        Ability to act calmly and effectively during security incidents and contribute to incident response efforts.

mail updated resume- etalenthire[at]gmail[dot]com

satish: 88O 27 49 743

Candidate need to do outcall and explain about banking products like (Personal Loans, Credit Cards, Insurance plans, FD's, Investment Plans etc.,)

Need to reach the monthly targets

Need to resolve customer Queries

Maintain good communication skills in Humble Manner

Good Convincing skills

Working Hours 9 Hrs (1 hour Break)

6 days Working (Monday to Saturday)

Salary Details (16000/- CTC to 20500/- CTC) Depends on candidate experience salary will can be negotiable.

Sunday Week Off

2 nd Saturday and 4th Saturday will be Week off

Complete Dayshifts Timings 9:00 AM TO 6:30 PM

2-Way transportation will be provided

Point to point Pick and Drop will available

Work from Office 

JD - System Analyst

1. Analysis and design of technical functionality and features.
2. Creation of requirements document and definition, Epics, User stories and addition of same to Fresh Release.
3. Facilitate daily scrums, stand-ups and meetings to monitor project progress and resolve any issues the team may be experiencing.
4. Collaborate with product owner and stakeholders and clear project obstacles and impediments that could slow down the team’s progress.
5. Meet and coordinate with internal stakeholders to establish project scope, system goals, and requirements.
6. Help the team boost their productivity and performance and helps development team create high-quality products.
7. Arrange and optimize product backlog.
8. Develop, analyze, prioritize, and organize requirement specifications, data mapping, diagrams, and flowcharts for developers and testers to follow.
9. Translate highly technical specifications into clear non-technical requirements.
10. Manage the set-up and configuration of systems. Provide documentation of all processes and training as needed.
11. Define and coordinate the execution of testing procedures and develop test cases to serve the overall quality assurance process.
12. Draw up, supervise and document testing schedules for complete systems.
13. Perform design, implementation, and upgrades of information systems to meet the business and user needs.
14. Implement best practices for scalability, support ability, ease of maintenance and system performance.
15. Identify options for potential solutions and assess them for both technical and business suitability.
16. Oversee implementation of a new system including data migration.

 Looking for talent who will be in charge of developing eCommerce websites. Duties would primarily consist of developing new projects using the Magento, writing custom extensions, and identifying quality community extensions.

REQUIREMENTS:-

• Experience in E-Commerce CMS such as Magento, OpenCart, PrestaShop
• Experience of developing/editing third-Party extensions
• Extensive experience of PHP and MySQL 
• Experience on Javascript frameworks such as jQuery
• Must handle multiple projects simultaneously
• Developer with strong PHP, Zend, and object-oriented programming experience
• Good experience of Magento core development (PHP) and Module development which involves database-level operations (Creating new tables in the database and developing Models for that) 
• Website Development project including both back-end and front-end development, customizing themes, plugins, and modules
• Experience with OCmod and vQmod in OpenCart
• Performance Optimization using cache, solr (or any nosql search)

       Knows how to consume 3rd party RESTful services