Senior IT Security Manager - VAPT (11-13 yrs)

Qualification : BE /B.Tech/B.Sc./ MCA /MSc./M.Tech in computer science, Information Security, or any related bachelor's and master's degree.

Experience : 10+ years

Location : Noida_Fulltime_5 days(Work from Office)

Interview : 1st Round - Virtual

2nd Round : Face to face

Note :

1. Should have expertise in AWS

2. Should have minimum 5 years of experience in Cloud Security

2. Should know the implementation of ISO27001

3. Should have expertise in VAPT

Responsibilities :

Protecting the Company Digital Landscape :

- Design and implement comprehensive security programs and cybersecurity strategy for networks, servers, and applications aligned with the organization & overall business objectives.

- Secure cloud environments (AWS, GCP, M365 and other IAAS, SAAS) and manage cloud-related security risks.

- Own and conduct regular vulnerability assessments and penetration testing to identify and address weaknesses on network, servers on cloud, cloud environment and oversee the remediation process.

- Manage endpoint security solutions (like Microsoft Defender EDR with ATP) and ensure optimal performance of security tools and technologies.

- Stay up to date on the latest security threats and best practices to continuously improve security posture.

Building a Culture of Security Awareness :

- Develop and maintain security policies, procedures, SOP's and training programs to educate employees.

- Collaborate with stakeholders to define and implement effective security measures aligned with industry standards and regulations.

- Collaborate with other teams to ensure alignments with overall security strategy.

Ensuring Incident Preparedness and Response :

- Lead incident response activities, including investigation, analysis, and resolution of security incidents.

- Perform risk assessments to evaluate potential security threats and vulnerabilities impacting company systems.

- Manage and drive root cause analysis to identify and address the underlying causes of security incidents.

Maintaining Compliance and Best Practices :

- Drive ISO 27001 certification and ongoing compliance.

- Develop and maintain (ISMS) Framework such as ISO 27001, CIS, NIST, PIA etc.

- Conduct regular internal and external audits to assess ISMS effectiveness.

- Manage and prioritize corrective actions to address identified non-conformities.

- Contribute to developing and maintaining security metrics and KPIs to measure the effectiveness of security controls and processes.

- Continuously monitor and update security policies and procedures based on best practices and industry benchmarks.

- Establish and maintain a robust monitoring program for security systems and infrastructure.

- Implement key performance indicators (KPIs) to measure the effectiveness of security controls.

- Analyses security logs and alerts to identify potential threats and incidents.

Experience and Education Requirements :

- Bachelor's degree in computer science, Information Security, or a related field.

- With Minimum 10+ years of experience in Information and Cyber security.

- Deep understanding of cybersecurity frameworks and standards (e., NIST, ISO 27001, GDPR, HIPAA, PHI, Data Privacy etc).

- Strong knowledge of cybersecurity technologies, including firewalls, intrusion detection systems, encryption, data loss prevention, and other relevant VAPT tools.

- Excellent problem-solving, decision-making and documentation skills.

- Ability to communicate complex technical information to both technical and non-technical audiences.

Skills : Professional certifications such as CEH, ISO27001, ISMS, CISM or related certifications are preferred