Cyber Security Manager

The Manager Cyber Security will be responsible for overseeing and managing a range of cybersecurity initiatives and compliance activities.

This includes managing vendor-driven security projects, monitoring vulnerabilities, ensuring regulatory compliance, and strengthening the overall cybersecurity posture of the organization.

Roles and Responsibilities

- Manage outsourced cybersecurity projects such as Red Team exercises, security drills, and implementation of security tools like ASM, BAS, and continuous Red Team assessment tools.

- Monitor and follow up on the closure of VAPT (Vulnerability Assessment and Penetration Testing) findings.

- Track SEBI CSCRF (Cyber Security and Cyber Resilience Framework) compliance status and prepare reports for board committee reviews.

- Revamp vendor management for information security, including policies, procedures, risk assessments, source code reviews, and application classification based on criticality.

- Implement automated tools for CSCRF compliance, testing, and patch management.

- Support operational enhancements in the Security Operations Center (SOC).

- Lead and execute internal IS audits and technical assessments.

- Prepare and submit cybersecurity compliance reports to SEBI and the Board.

Skills and Qualifications Required

- Bachelors or Masters degree in Information Technology, Computer Science, Cybersecurity, or a related field.

- 10+ years of experience in cybersecurity, with a minimum of 35 years in a managerial or leadership role.

- Strong understanding of security frameworks, standards, and regulations, including SEBI CSCRF.

- Hands-on experience in managing VAPT processes and tools, ASM tools, BAS platforms, and Red Team exercises.

- Experience in vendor management related to cybersecurity policies and procedures.

- Familiarity with source code reviews and application risk classification methodologies.

- Knowledge of SOC operations, automated patch management, and cybersecurity compliance tools.

- Strong analytical and problem-solving skills.

- Excellent communication and report-writing skills, especially for presenting to senior management and regulatory bodies.

- Professional certifications such as CISSP, CISM, CEH, or ISO 27001 Lead Auditor are preferred