Loading...

{{notif_text}}

The next CutShort event, {{next_cs_event.name}}, in partnership with UpGrad, will happen on {{next_cs_event.startDate | date: 'd MMMM'}}The next CutShort event, {{next_cs_event.name}}, in partnership with UpGrad, will begin in a few hoursThe CutShort event, {{next_cs_event.name}}, in partnership with UpGrad, is LIVE.Join now!
{{hours_remaining}}:{{minutes_remaining}}:{{seconds_remaining}}Want to save 90% of your recruiting time? Learn how in our next webinar on 22nd March at 3 pmLearn more

Manager - Information Security
HDFC Life is one of India's leading and most valuable private life insurance company

apply to this job

Locations

Mumbai

Experience

7 - 9 years

Salary

{{1400000 / ('' == 'MONTH' ? 12 : 100000) | number}} - {{1700000 / ('' == 'MONTH' ? 12 : 100000) | number}} {{'' == 'MONTH' ? '/mo' : 'lpa'}}

Skills

Network Security
Project Management
DevOps
application security
OWASP
OSSTM
FISMA

Job description

Overall purpose of the job - This role would be responsible for identifying and implementing mitigations, practices and controls ensuring adequate application and infrastructure security posture is maintained all at times Key Performance Areas - • Good at application threat modeling and applications risk identification & remediation • Strong web application security experience with thorough understanding of web application vulnerabilities • Knowledge of database, application, and web server design and implementation • Familiarity with Security standards \ frameworks and groups (OWASP, OSSTM, WASC, FISMA) • Experience in dynamic and static application vulnerability scanners like HP WebIspenct, IBM AppScan, HP Fortify, etc • Create, implement & review data protection strategy across the organization. • Experience in client handling including interaction with developers for understanding the mitigations • Experience on Mobility Platform like Phone-Gap \ native Android \ Worklite and MDM /MAM • Knowledge of DevOps and other upcoming technologies used in SDLC • Experience in manual verification of false positives reported by automated tool • Devise and enforce standards and best practices for data protection in line with international standards and industry best practices. • Evaluate the adequacy of security measures including network security to protect organizational data and information assets • Define and implement project as per approved Plan of action. • Identify security solutions as per business needs • Manage POC for agreed and approved solutions as per defined process • Conduct partner reviews • Coordinate with vendors / partners on closure of projects / activities • Manage intra and inter department conflict amicably • Benchmark and compare security practices with the industry • Implementation, operation and maintenance of the Information Security Management System based on standards like ISO/IEC 27001, Cobit, ITIL etc as applicable. • Information security risk assessments and controls selection activities • Track all audit schedules and ensure closure of all security gaps. • Reporting of all critical security issues • Co-ordinate for Risk Assessment of IT systems and Third Party workloads • Facilitate Internal process and IT audits • Software license compliance at all times • Implement tools and processes related to compliance monitoring as per internal security policies and applicable laws and regulations • Facilitate and drive initiatives of Internal Audits for Information Technology and update on Closure and Identified Risk to the Management • Review of Third Party applications / systems and network security on monthly basis • Adherence To Change Management Processes

About Insignia Search

undefined

Founded

Type

Size

employees

Stage

View company

Similar jobs

Want to apply for this role at Insignia Search?
Hiring team responds within a day
view all jobs
Why apply via CutShort?
Connect with actual hiring teams and get their fast response. No 3rd party recruiters. No spam.