Manager - IT Risk Advisory Services

Strategy and Governance:

Experience:

- 7 - 10 years of overall experience in information security governance, risk and compliance

Qualifications:

- BE/B.Tech/ME/M.Tech/MCA/MS/MBA from a reputed institute

- The candidate should have at least one of the following certifications - CISA/CISM/CISSP/ISO 27001 LA/ ISO 22301 LA/CBCP or any other relevant certification.

Roles and responsibilities:

- Manage the delivery of IT Advisory services offered to its clients including:

Disaster recovery and business continuity management

Information privacy

Information regulatory compliance (e.g. RBI, SEBI, SOC1, SOC2, PCI DSS, HITRUST, UIDAI)

Information risk management

Information security and information assurance

Information technology controls for financial and other systems

Security Architecture

- To design the Information Security Management System (ISMS) including information security policies and supporting procedures

- To identify processes and technologies to maintain and enhance the security architecture

- Have a fair understanding on Business Continuity Planning and DR Drills

- Would have conducted Information Life Cycle management reviews in the past

Vulnerability Management

7 -10 years of overall experience in Vulnerability assessment & Penetration testing and Network security

Qualifications:

- BE/B.Tech/ME/M.Tech/MCA/MS/MBA from a reputed institute

- The candidate should have at least one of the following certifications - OSCP/CEH/CCNA/CCNA Security /CISA/CISM/CISSP or any other relevant certification.

Roles and responsibilities:

- To manage cyber security team conducting VA, PT and App security testing for the clients

- To perform technical security assessment for IT & Network components - Vulnerability assessment, Penetration testing, Opportunistic Hacking, Web application security testing, Security source code review etc

- To monitor and track the identified vulnerability/ issues and provide recommendations to mitigate the same

- To drive the engagements and team for efficient delivery as per the engagement scope

- To maintain client relationships and understand their requirements for future business opportunities

Managed Security Services

Experience:

- 8-10 years of overall experience in managed security services

Qualifications:

- BE/B.Tech/ME/M.Tech/MCA/MS/MBA from a reputed institute

- Candidates having experience on SIEM tools such as HP Arch Sight, Q Radar, Splunk

Roles and responsibilities:

- Is currently working in a SOC or has prior experience of working in a SOC

- To lead managed security services team working on SOC (Security operation centre) for the clients

- To develop client relationships and lead the team to define SOC operating manual and integrating with vulnerability management, policy compliance, incident management

- To provide guidance in developing specific processes for collecting and protecting forensic evidence during incident response.

- To handle projects for implementation of required logs on various systems and provision of transfer of logs to SIEM tool

- To lead the team for formulating correlation rules for the SIEM tool