Lead IT Security Specialist-SIDBI-Chennai

Graduate degree in Indian or foreign equivalent required from an accredited institution

• Minimum of 8 12 years of experience in IT Security management
• Certifications such as CISSP, CISM, CEH, or equivalent are highly desirable
• Proven experience in designing, implementing, and managing enterprise-level security solutions
• Experience working with diverse teams and stakeholders to implement security measures
• 25 – 45 years of age

• Lead the development and implementation of security policies, procedures, and technologies
• Collaborate with cross-functional teams to identify security risks, develop mitigation strategies/ plan, implement and monitor remediations
• Conduct regular risk assessments and security audits to ensure compliance with regulatory requirements and industry standards
• Manage currently implemented security solutions/ tools like SIEM, WAF, EDR, AV, DAM, PIM, MDM, Firewall, IPS, FIM
• Stay updated with the latest security threats, trends, and technologies, and continuously evaluate and enhance the organization's security posture.
• Validating Application security controls prior to go-live.
• Review/ Investigate incidents raised by Ops team for RCA, solutioning and closure
• Ensuring mitigation of routine events /incidents in coordination with relevant technology teams/vendors
• Proposing additional controls as part of continuous IT security management

• Experience with designing, implementing, and managing SIEM solutions to collect, correlate, and analyze security event data from various sources
• Proficiency in configuring and maintaining WAF solutions to protect web applications from common security threats such as SQL injection, cross-site scripting (XSS), and DDoS attacks
• In-depth knowledge of firewall technologies and their implementation to enforce access controls, monitor traffic, and protect against unauthorized access
• Hands-on experience in deploying and managing IPS solutions to detect and prevent malicious activities within the network
• Proficiency in implementing EDR solutions to monitor endpoint devices for suspicious activities, investigate security incidents, and respond to threats in real-time
• Experience in implementing and managing PAM solutions to secure, control, and monitor privileged access to critical systems and data
• Proficient in implementing MDM solutions to secure and manage mobile devices, enforce security policies, and protect corporate data
• Proficiency in conducting vulnerability assessments and penetration tests
• Knowledge of IAM principles and technologies for managing user identities, access privileges, and authentication mechanisms
• Understanding of encryption algorithms, protocols, and key management practices

• Familiarity with RBI regulatory compliance requirements and industry standards (such as ISO 27001)
• Knowledge of incident response procedures, including containment, eradication, recovery and reporting to management, regulator, CERT-IN etc
• Familiarity with SOC operations, including security monitoring, threat detection, incident triage, and escalation procedures, as well as experience in managing SOC teams and tools effectively

• Hands on experience in Information Security Controls implementation
• Hands on experience in defining Rules, configuration, correlations, periodic reviews and modifications/refinements
• Strong knowledge and mind set for IT security management
• Ability to independently work as part of security organization
• Ability to translate requirements into technical solution
• Ability to Work with diverse technical and non-technical stakeholder individuals / groups (including third parties)
• Ability to provide corrective actions to deal with escalated IT events / incidents
• Ability to Work effectively under pressure.
• Excellent Verbal and Written - Communication and Presentation Skills.