Incident Response Lead

at A digital cyber security company presence across Globe.

Agency job
icon
Remote, Hyderabad
icon
8 - 12 yrs
icon
₹35L - ₹50L / yr
icon
Full time
Skills
Web application security
Network Security
Cyber Security
IT security
Security
DevOps
Data Analytics
Network Administration
Digital Investigation
computer forensics
Ranson Specialist
sentinelOne

Job Summary:  

The Incident Response (IR) Lead manages a team of experts with diverse skill setsincluding Security Operations Center (SOC), Forensics, and technical Subject Matter Expert (SME) advisory. The IR Lead is specifically tasked with managing all aspects of an Incident Response engagement to include incident validation, monitoring, containment, log analysis, system forensic analysis, and reporting. The Incident Response Lead is also responsible for building the relationship with the client and client’s counsel and ensuring the engagement’s objectives and expectations are met and executed successfully as documented in the statement of work. You will leverage a solid foundation of technical expertise in Cybersecurity, Incident Response, and Digital Forensics to successfully execute your responsibilities.

 

ROLES AND RESPONSIBILITIES

· Accurately collects information from the client concerning the incident to include but not be limited to the client’s environment, size, technology, and security threats. In addition, the IR Lead is responsible for capturing all client’s expectations and objectives throughout the engagement to ensure successful delivery.

· The main point of contact manages and participates in all communications with the client and the client’s counsel during the engagement. The IR Lead sets the cadence for communications.

· Management and Coordination of all technical efforts for the IR engagement to drive the process forward through; tool deployment, ransomware decryption, restoration, and recovery efforts, system rebuilds, system, application, and network administration tasks.

· Coordinates with the Ransom Specialist when ransom negotiations are needed. Ensures updates regarding ransom status are delivered to the client and counsel in a timely fashion.

· Manages and coordinates the onsite efforts with the Onsite Lead or team ensuring they understand and can execute the objectives for the onsite work. Additional responsibilities with onsite efforts include ensuring communications are frequent and getting the daily onsite update communicating these back to the IR Director and/or IR Ops Associate for their Tiger Team.

· Ensures the Forensic Lead is coordinating the collection of data necessary for the investigation.

· Ensures SentinelOne is deployed on time and adding value.

· Communicates with sales when appropriate for SentinelOne, provide client contact.

· Communicates in tandem with the Forensic Lead pertinent findings to the client during the investigation.

· Follows up with the SOC Lead on SentinelOne alerts and encourages/coordinates client participation with the product.

· Accountable for final report review, ensuring the report is accurate, professional, and meets the objective of client counsel.

· Other duties as assigned.

DISCLAIMER The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required personnel so classified.

 

 Role Description : Skills & Knowledge

1. Experience leading scoping calls

2. Strong background and practical hands-on experience with Windows or Linux System and Network Administration, Security DevOps, Incident Response and Digital Forensics, or Security Engineering

3. Practical experience performing in a functional role including but not limited to one or more of the following disciplines: computer forensics, Incident Response, data analytics, Security Operations, and Engineering, Digital Investigations

4. Possesses strong verbal and written communication skills

JOB REQUIREMENTS

· Bachelor's degree in Computer Science, Computer Engineering, Information Assurance, Forensic Sciences, or related technical field; Graduate degree preferred

· 10+ years experience leading full-cycle incident response investigations and communicating with the client/counsel/carriers

· Must be eligible to work in the US without sponsorship

WORK ENVIRONMENT While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: Usual office working conditions. Reasonable accommodations may be made to enable people with disabilities to perform the essential functions of this job.

 

PHYSICAL DEMANDS

· No physical exertion is required.

· Travel within or outside of the state.

· Light work: Exerting up to 20 pounds of force occasionally, and/or up-to 10 pounds of force as frequently as needed to move objects.

Read more
Why apply to jobs via Cutshort
Personalized job matches
Stop wasting time. Get matched with jobs that meet your skills, aspirations and preferences.
Verified hiring teams
See actual hiring teams, find common social connections or connect with them directly. No 3rd party agencies here.
Move faster with AI
We use AI to get you faster responses, recommendations and unmatched user experience.
2101133
Matches delivered
3712187
Network size
15000
Companies hiring

Similar jobs

Security Researcher

at Appknox

Founded 2014  •  Product  •  20-100 employees  •  Profitable
Penetration testing
Vulnerability assessment
Web application security
Cyber Security
IT security
Information security
API
Mobile security
Vulnerability scanning
icon
Remote, Bengaluru (Bangalore)
icon
2 - 5 yrs
icon
Best in industry

A BIT ABOUT US

 

Appknox is one of the top Mobile Application security companies recognized by Gartner and G2. A profitable B2B SaaS start-up headquartered in Singapore & working from Bengaluru.

The primary goal of Appknox is to help businesses and mobile developers secure their mobile applications with a focus on delivery speed and high-quality security audits.

 

Appknox has helped secure mobile apps at Fortune 500 companies with Major brands spread across regions like India, South-East Asia, Middle-East, US, and expanding rapidly. We have secured 300+ Enterprises globally.

 

We are a 30+ incredibly passionate team working to make an impact and helping some of the biggest companies globally. We work in a highly collaborative, very fast-paced work environment. If you have what it takes to be part of the team, we are excited and let’s speak further.

 

The Opportunity

 

To join the security team engaging with multiple clients, helping them with end to end security audits, also research about new topics and vulnerabilities to be added to the scanner, present it in conferences.

What An Ideal Candidate Would Look Like: 

  • Skills - Application Penetration Testing (Web, iOS and Android), experience with IoT testing, source code audits.
  • Technology Stack: AWS, GCP, Objective C, Java, Python
  • Responsibilities: Engage with clients for scoping call, perform security audits, remediation call with clients to patch the issues, research on new technologies/vulnerabilities

Minimum Requirements

  • Should have at least 2 years experience in security or show something that proves experience doesn’t matter
  • Strong Analytical Skills
  • Strong grasp of fundamentals of information security
  • Self-taught learner willing to read and keep up-to-date on technological changes and how they could be used
  • Can accurately define an issue and create detailed Proof-of-concept and write-up of the findings.
  • Provide appropriate remediation and mitigations of the identified vulnerabilities.

Responsibilities

  • Security assessment of web/mobile/cloud application on various platforms
  • Focusing on Mobile Application Security
  • Static and Dynamic Code Analysis
  • Develop and interpret security standards and guides
  • Automation of security test cases
  • Understand and explain the results with impact on business and compliance status
  • Continuously learning and training on latest tools and technique

 

 

Work Expectations

Within 1 month

Training on processes, security workflow

Within 3 months

Pentesting web, mobile, API endpoints

Within 6 months

Research and publish whitepapers, contribute to the Appknox Scanner


Personality traits we really admire:-

  • A confident and dynamic working persona, which can bring fun to the team, and a sense of humour, is an added advantage.
  • Great attitude to ask questions, learn and suggest process improvements.
  • Has attention to details and helps identify edge cases.
  • Highly motivated and coming up with fresh ideas and perspective to help us move towards our goals faster.
  • Follow timelines and absolute commitment to deadlines.

Interview Process - 

  • Round 1 Interview - Profile Evaluation; HR
  • Round 2 - Testing Assignment
  • Round 3 - Technical Interview with security team members
  • Round 4 - Technical Interview with the CTO and Team Lead
  • Round 5 - HR Round

Compensation

  •  As per industry standards

 

Why Join Us:-

  • Freedom & Responsibility: If you are a person who enjoys challenging work & pushing your boundaries, then this is the right place for you. We appreciate new ideas & ownership as well as flexibility with working hours.
  • Great Salary & Equity: We keep up with the market standards & provide pay packages considering updated standards. Also as Appknox continues to grow, you’ll have a great opportunity to earn more & grow with us. Moreover, we also provide equity options for our top performers.
  • Holistic Growth: We foster a culture of continuous learning and take a much more holistic approach to train and develop our assets: the employees. We shall also support you all on that journey of yours.
  • Transparency: Being a part of a start-up is an amazing experience one of the reasons being open communication & transparency at multiple levels. Working with Appknox will give you the opportunity to experience it all first-hand.
  • Health insurance: We offer health insurance coverage upto 5 Lacs for you and your family including parents.
Read more
Job posted by
Anushka Tharad
Java
Amazon Web Services (AWS)
Windows Azure
GitHub
Jenkins
DevOps
MongoDB
Apache HBase
Spring Boot
Hibernate (Java)
icon
Mumbai
icon
10 - 18 yrs
icon
₹18L - ₹22L / yr

Hi,

We are looking for cloud solution professionals with the following skill sets;

Experience: 10+ years in cloud architecting

Location: Mumbai

 

Job Responsibilities:

  • Analyze and understand customer business processes and workflows, define requirements and design appropriate solutions.
  • Provide End 2 end cloud Solutioning along with secured infra
  • Collaborate with vendors for the execution
  • Well understanding on open source stack frameworks, AWS & Azure Cloud services
  • Solutioning extending from green field to enterprise view
  • Presentation skills with a high degree of comfort with both large and small audiences.
  • High level of comfort communicating effectively across internal and external organizations
  • Intermediate/advanced knowledge of the cloud services, market segments, customer base and industry verticals.
  • Demonstrated experience leading or developing high quality, enterprise scale software products using a structured system development life cycle.
  • Demonstrated ability to adapt to new technologies and learn quickly.
  • Certified Solutions Architect( AWS / Azure)
  • Recommendations on security, cost, performance, reliability and operational efficiency to accelerate challenging, mission-critical projects
  • Experience migrating or transforming customer solutions to the cloud

Primary Skills :

JAVA / J2EE; Spring, Spring Boot, Microservices,Angular JS, Instream data handling, Elastics search DB, Mango DB,DevOps tools- Jenkin, github,maven build, Hands on AWS & Azure cloud services,Mobile: Native and hybrid app hands on;Docker Containers , AKS,Big data and Hbase, Data Lake , service bus, AD

Secondary Skills :

  • Extensive experience in Microservices, Rest Services, JPA, Automated unit testing through tools.
  • Proven design skills and expertise is required.
  • Good knowledge of current / emerging technologies and trends.
  • Good analytical, grasping and problem solving skills. Excellent written and verbal communication skills. High levels of initiative and creativity.
  • Good communication skills with all stake holders, good team player with ability to mentor juniors
Read more
Job posted by
Jayaraj E

Sr. Security Engineer with Kubernetes

at F5 Networks

Founded  •   •  employees  • 
Cyber Security
Kubernetes
Monitoring
Audit
Threat analysis
Access control
Security Information and Event Management (SIEM)
SecOps
icon
Bengaluru (Bangalore)
icon
5 - 10 yrs
icon
Best in industry

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

F5 is looking for a Sr. Security Engineer with experience in building, integrating, operating, and maintaining robust security monitoring and auditing systems. F5’s Edge 2.0 platform provides global, scalable, and secure way to deploy applications. In this position, you will build and maintain monitoring and audit systems across the platform that provide necessary visibility and alerts to effectively defend the platform.

 

Responsibilities:

  • Collaborate with software architects, security defenders, Operations, SRE, compliance experts, and business leaders to understand the logical boundaries of the systems and identify the events to monitor, audits to maintain, alerts to tweak, as well as systems to integrate with
  • You will continuously hunt for areas and metrics to be added into monitoring systems for better operational visibility, incident response capability, availability, and forensics capability of the overall platform
  • You will participate in the definition of processes around change and inventory management and develop solutions to audit the changes
  • You will work with other teams within security organization to define communication and alerting protocols for effective and timely actions
  • You will participate in defining and executing the Incident Response Plan for the platform and be responsible for providing necessary information during the response and forensics
  • Demonstrate technical leadership in multiple domain areas, providing mentorship to other team members

 

Minimum qualifications:

  • BS degree in Computer Science or equivalent with 5+ years of security operation and monitoring experience
  • Experience with logging, monitoring, SIEM, dashboarding tools like AWS GuardDuty, Sumo, Grafana, SolarWinds, DataDog, Splunk, etc.
  • Working knowledge of at least one Cloud Computing platform (e.g. Amazon AWS, Microsoft Azure, Google Compute etc.)
  • Good understanding of how to handle logs from various systems, integrate with systems handling logs and metrics, how to setup and tune alerts based on thresholds and policies
  • Hands on experience with computer programming languages and/or scripting languages such as Python, Java, Shell
  • Good understanding of complexities and security challenges in large-scale distributed systems
  • Working knowledge of Cloud orchestration systems such as Kubernetes, Openstack etc.
  • Self-motivated and willing to delve into new areas and take on new challenges in an enthusiastic manner
  • Excellent written and verbal communication skills
  • Strong interpersonal, team building, and mentoring skills
Read more
Job posted by
Sajid Khan
Automation
Ansible
Red Hat Certified Engineer
Red Hat Linux
RESTful APIs
CI/CD
Python
Scripting
VMWare
Microsoft Windows
Infrastructure
Storage & Networking
DevOps
icon
Remote, Bengaluru (Bangalore)
icon
3 - 6 yrs
icon
₹4L - ₹14L / yr
Key skills:
• Deliver and support the deployment of Red Hat Ansible Automation Platform automation for enterprises
• Design, create, and deliver content that will enable support automation solutions at scale
• Working experience(min 6 months) in Ansible, RESTful APIs,
• Experience implementing a continuous integration (CI) or continuous development (CD) pipeline
• Intermediate-level scripting skills or Python
• Very good analytical/problem solving skills,
• Working experience in any one virtualized platform (VMware/Red Hat/Microsoft)
• Infrastructure(server/storage/network) management experience(desirable)
• Relational Database concepts(desirable)
• Understanding of cloud concepts
 
Experience:
• 3+ Years of Hands-on Red Hat Ansible Automation Platform & DevOps Experience
Read more
Job posted by
Sanjay Biswakarma
Ansible
Puppet
Docker
Linux/Unix
Network protocols
Troubleshooting
Python
Communication Skills
IaaS
perl
DevOps
Chef
icon
Bengaluru (Bangalore), Pune
icon
3 - 5 yrs
icon
₹6L - ₹8L / yr
Skills Required
●Extensive experience of Linux, including familiarity with C, UNIX system calls, and low-level O/S and network protocols. Also block, file and object storage protocols.
●Experience of using a modern configuration management system (examples such as Ansible, Salt Stack, Puppet, or Chef) to automate the management of a large-scale Linux deployment.
●Effective troubleshooting skills across hardware, O/S, network, and storage.
Skills Desired
●Ability to write robust, maintainable code in Python and/or Perl.
●Experience working in a large, multi-national enterprise in any industry vertical, showing experience of communicating and collaborating in globally distributed teams.
●Enthusiasm for modern development tools and practices including Git, Jenkins, automated testing, and continuous integration.
●Experience of designing, implementing and supporting large scale production IaaS platforms.
●Knowledge of building and managing Docker containers in a secure manner.
Read more
Job posted by
Jerrin Thomas

Information Security Manager

at Netmeds.com

Founded 2015  •  Product  •  500-1000 employees  •  Raised funding
Information security
IT security
WAF
Docker
Ethical Hacking
Network Security
Penetration testing
Vulnerability assessment
ISO/IEC 27001:2005
Web application security
Firewall
Burp suite
Amazon Web Services (AWS)
Windows Azure
Security Information and Event Management (SIEM)
Fraud management
Log management
Patch Management
Data security
Cyber Security
DevOps
icon
Chennai
icon
5 - 10 yrs
icon
₹10L - ₹30L / yr

We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.

 

Roles & Responsibilities:

  • Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
  • Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
  • Managing penetration tests and security reviews for core applications and APIs.
  • Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
  • Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
  • Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
  • Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
  • Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
  • Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
  • Investigate privacy breaches.
  • Educate employees on data privacy & security.
  • Prioritize security requirements based on their severity of impact and product roadmap.
  • Maintain a balance of security and business values across the organisation.

 Required Skills:

  • Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
  • Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.
  • Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.
  • Experience in Log Management, Security Event Correlation, SIEM.
  • Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.

 

Good to Have Skills:

  • Online Fraud Prevention.
  • Bug Bounty experience.
  • Security Operations Center (SOC) management.
  • Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
  • Experience / Knowledge on tools like Fortify and Nessus.
  • Experience in handling logging tools on docker container images (ex. Fluentd).
Read more
Job posted by
Vijay Hemnath

Application Migration Architect

at Searce Inc

Founded 2004  •  Products & Services  •  100-1000 employees  •  Profitable
Amazon Web Services (AWS)
Migration
DevOps
VMWare
Data center migration
Google Cloud Platform (GCP)
Java
J2EE
Linux/Unix
Python
Ruby
icon
Hyderabad
icon
9 - 14 yrs
icon
₹8L - ₹35L / yr

Are you the one? Quick self-discovery test:

  1. Love for the cloud: When was the last time your dinner entailed an act on “How would ‘Jerry Seinfeld’ pitch Cloud platform & products to this prospect” and your friend did the ‘Sheldon’ version of the same thing.
  2. Passion: When was the last time you went to a remote gas station while on vacation and ended up helping the gas station owner saasify his 7 gas stations across other geographies.
  3. Compassion for customers: You listen more than you speak.  When you do speak, people feel the need to listen.
  4. Humor for life: When was the last time you told a concerned CEO, ‘If Elon Musk can attempt to take humanity to Mars, why can’t we take your business to run on the cloud?

So what are we looking for?

  • Experience in On-premises to AWS cloud Migration. 
  • Linux and Windows servers knowledge .
  • Application knowledge like Java, .net, Python, Ruby.
  • On-premises to Cloud migration assessment experience as a must .
  • Able to provide a detailed migration analysis report and present it to the customer.
  • Creative problem-solving skills and superb communication skills. 
  • Respond to technical queries / requests from team members and customers. 
  • Ambitious individuals who can work under their own direction towards agreed targets/goals. 
  • Ability to handle change and be open to it along with good time management and being able to work under stress. 
  • Proven interpersonal skills while contributing to team effort by accomplishing related results as needed. 
  • Maintain technical knowledge by attending educational workshops, reviewing publications.

Job Responsibilities:

  1. Managing  initiatives for migration and modernization in AWS cloud environment 
  2. Leads and builds Modernization architecture solution from (on-prem or VMWare) into modern platform (Cloud AWS) through modular design by understanding application components 
  3. Leads and SME in Modernization methodology and can lead the Design thinking workshop, method tailoring as Client environment and Client industry
  4. The 6 most common application migration strategies below required
    1. Re-host (Referred to as a “lift and shift.”)
    2. Re-platform (Referred to as “lift, tinker, and shift.”)
    3. Re-factor / Re-architect  
    4. Re-purchase
    5. Retire
    6. Retain ( Referred to as re-visit.)
  5. Application migration analysis experience like application compatibility on the cloud, Network, security support on cloud.

Qualifications:

  1. Is Education overrated? Yes. We believe so. But there is no way to locate you otherwise. So we might look for at least a Bachelor’s or Master's degree in engineering from a reputed institute or you should be programming from 12. 
    1. And the latter is better. We will find you faster if you specify the latter in some manner. Not just a degree, but we are not too thrilled by tech certifications too :)
  2. Architects with 10+ total and 6+ years of experience on Modernization applications and led Architecture initiatives on AWS Modernization.
  3. Managed and implemented at least 5 engagement modernizing client applications to AWS Cloud and on WebSphere and Java/J2EE or .NET.
  4. Experience on using DevOps tools during Modernization.
  5. Complete in-depth experience and knowledge of AWS as a product and its components.
  6. AWS certification would be preferred.
  7. Experience in Agile fundamentals and methodology.
Read more
Job posted by
Ishita Awasthi

Network Security Manager

at Urbancompany (formerly known as Urbanclap)

Founded 2014  •  Services  •  100-1000 employees  •  Raised funding
Network Security
IT security
Information security
Firewall
VPN
Incident management
Troubleshooting
Routing & Switching
Juniper
Network monitoring
icon
Remote, NCR (Delhi | Gurgaon | Noida)
icon
5 - 7 yrs
icon
Best in industry

Why are we building UrbanClap?

The local and home services industry is very fragmented and unorganized. Prior to UrbanClap, hiring a plumber, beautician, yoga trainer, math tutor etc. was a painful process. There were no standards, no concept of trust, pricing inefficiencies etc. In a nutshell, the industry was shackled in the “yellow pages” era, and had seen no fundamental innovation for far too long.

The UrbanClap team is young and passionate, and we see a massive disruption opportunity in his industry. By leveraging technology, and a set of simple yet powerful processes, we wish to build a platform that can organize the world of services - and bring them to your finger-tips.We believe there is immense value (akin to serendipity) in bringing together customers and professionals looking for each other. In the process, we hope to impact the lives of millions of service entrepreneurs, and transform service commerce they way Amazon transformed product commerce.

 

Job Description

1. Lead the IT Network Security function at Urban Company and serve as the subject matter expert to manage the overall IT security infrastructure. The candidate will report directly to the Head of Workplace Infrastructure.

2. Maintaining firewalls, virtual private networks, web protocols, and email security

3. Develop the Incident management protocols to troubleshoot and repair network-related problems, system failures, switching/routing, etc.

4. Ensure the infrastructure is properly monitored within set thresholds and that alerts regarding network outages are addressed in a timely manner

5. Identify/diagnose network configuration and/or performance irregularities.

6. Determining latest technologies and processes that improve the overall security infrastructure.

7. Manage vendors and critical system AMCs

 

Job requirements:

1. Strong hands on experience on Network Hardware like Cisco Meraki, Juniper switches, Sophos XG firewall and other firewalls

2. Good understanding and knowledge of Network and Security

3. Knowledge of network monitoring tools

4. Strong practical knowledge of network concepts including DNS, DHCP, VPN, NAT, ACL, Access Groups, IPsec, AAA network protocols, port configuration, link aggregation, spanning tree optimization, traffic Shaping, and performance tuning.

5. Basic knowledge in Linux Unix command line, window’s batch scripts

6. Decode the error /alarm status, understand the failed unit / device and provide hands and feet support in resolution through strong hardware and networking troubleshooting techniques

7. Maintain an updated document for LAN and WAN network diagrams with relevant details

8. Monitor Routers & Interface statistics for up / down status along with router CPU Utilization & log monitoring, study CPU usage, memory usage, fine-tuning, availability, throughput, and latency) and test for weaknesses and recommend upgrade

9. Provide comprehensive and up-to-date documentation and inventories of Network assets, Services procedures, and configurations to ensure that maintenance and continuity of the Service is achievable in a timely manner

10.Define Security Concept deployment, Security Policies for Urban Company

 

Read more
Job posted by
Palak Monga

DevSecops- Information Security Architect

at EZEU (OPC) India Pvt Ltd

Founded 2020  •  Services  •  0-20 employees  •  Raised funding
Information security
Security operations
Penetration testing
Security analysis
Cyber Security
devsecops
icon
Pune, Bengaluru (Bangalore)
icon
10 - 15 yrs
icon
₹20L - ₹45L / yr
Security Architectural solutions, designing, Security Analysis, Infrastructure architecture, Application architecture, DevSecOps and cloud understanding, Threat Modelling, Penetration testing, Governance Risk & Compliance
Read more
Job posted by
HR Ezeu

Manager - Information Security

at HDFC Life is one of India's leading and most valuable private life insurance company

Agency job
via Insignia Search
Network Security
Project Management
DevOps
application security
OWASP
OSSTM
FISMA
icon
Mumbai
icon
7 - 9 yrs
icon
₹14L - ₹17L / yr
Overall purpose of the job - This role would be responsible for identifying and implementing mitigations, practices and controls ensuring adequate application and infrastructure security posture is maintained all at times Key Performance Areas - • Good at application threat modeling and applications risk identification & remediation • Strong web application security experience with thorough understanding of web application vulnerabilities • Knowledge of database, application, and web server design and implementation • Familiarity with Security standards \ frameworks and groups (OWASP, OSSTM, WASC, FISMA) • Experience in dynamic and static application vulnerability scanners like HP WebIspenct, IBM AppScan, HP Fortify, etc • Create, implement & review data protection strategy across the organization. • Experience in client handling including interaction with developers for understanding the mitigations • Experience on Mobility Platform like Phone-Gap \ native Android \ Worklite and MDM /MAM • Knowledge of DevOps and other upcoming technologies used in SDLC • Experience in manual verification of false positives reported by automated tool • Devise and enforce standards and best practices for data protection in line with international standards and industry best practices. • Evaluate the adequacy of security measures including network security to protect organizational data and information assets • Define and implement project as per approved Plan of action. • Identify security solutions as per business needs • Manage POC for agreed and approved solutions as per defined process • Conduct partner reviews • Coordinate with vendors / partners on closure of projects / activities • Manage intra and inter department conflict amicably • Benchmark and compare security practices with the industry • Implementation, operation and maintenance of the Information Security Management System based on standards like ISO/IEC 27001, Cobit, ITIL etc as applicable. • Information security risk assessments and controls selection activities • Track all audit schedules and ensure closure of all security gaps. • Reporting of all critical security issues • Co-ordinate for Risk Assessment of IT systems and Third Party workloads • Facilitate Internal process and IT audits • Software license compliance at all times • Implement tools and processes related to compliance monitoring as per internal security policies and applicable laws and regulations • Facilitate and drive initiatives of Internal Audits for Information Technology and update on Closure and Identified Risk to the Management • Review of Third Party applications / systems and network security on monthly basis • Adherence To Change Management Processes
Read more
Job posted by
Kushal Dadhich
Did not find a job you were looking for?
icon
Search for relevant jobs from 10000+ companies such as Google, Amazon & Uber actively hiring on Cutshort.
Get to hear about interesting companies hiring right now
iconFollow Cutshort
Want to apply to this role at A digital cyber security company presence across Globe.?
Why apply via Cutshort?
Connect with actual hiring teams and get their fast response. No spam.
Learn more
Get to hear about interesting companies hiring right now
iconFollow Cutshort