Manager - Information Security Risk Management - Insurance (4-6 yrs)

Manager - Information Security Risk Management

KEY RESPONSIBILITIES:

- Design and implement robust security systems and strategies to protect our organization's infrastructure and data

- Review the configuration of network security tools, such as, Firewall, WAF, Proxy, Email Solution, IDAM, SIEM, SSO, XDR, PIM / PAM etc.

- Review the configuration of cloud native tools across different Cloud Service Providers, e.g., AWS, Azure, OCI etc.

- Assess information security tools for effectiveness and help integrate tools for limiting systemic risk (implementing MESH architecture)

- Conduct risk assessments and vulnerability scans to identify potential security gaps and recommend appropriate countermeasures and work with IT for the closure of findings.

- Collaborate with cross-functional teams to define and enforce security policies, procedures, and best practices

- List down the gaps identified and work with IT to get them resolved.

KEY RELATIONSHIPS (INTERNAL /EXTERNAL): Business Functions, Third Parties and Control groups

KEY COMPETENCIES/SKILLS REQUIRED:

- Network Security, SOC experience, Cloud Security, Data Security, Application Security, Incident management, Email Security, Identity theft, NIST, Baseline Security Standards.

Desired qualification and experience:

- Graduate/Post Graduate degree in Information management and security (pref. B. Tech/M.Tech/MS)

- 4-6 years of hand on experience in SOC functionality and security tools, such as, Firewall, IPS/IDS, Proxy, Web Filter, WAF, AV, DLP etc.

- Experience with network security and networking technologies and with system, security, and network monitoring tools

- Demonstrated skills in collaboration, team work and problem solving to achieve goals

- Prefer candidate with certifications such as CISSP, OSCP, CCSP, Cloud Security Architect

- Strong Communication and presentation skills

Job Description:

Position : Manager

Incumbent : No

Department : Enterprise Risk Management

Function : Information Security

Reporting to : Saurabh Gugnani

Band : 4

Location : Gurgaon HO

Team size (Direct/Indirect) : 0

JOB SUMMARY:

- Experienced Information Security specialist with hands-on experience on designing security architecture and implementing multiple information security technologies.

- A continuous learner who is self-driven, team player and zeal to bring security transformation by reducing the exposure surface.

KEY RESPONSIBILITIES:

- Design and implement robust security systems and strategies to protect our organization's infrastructure and data

- Review the configuration of network security tools, such as, Firewall, WAF, Proxy, Email Solution, IDAM, SIEM, SSO, XDR, PIM / PAM etc.

- Review the configuration of cloud native tools across different Cloud Service Providers, e.g., AWS, Azure, OCI etc.

- Assess information security tools for effectiveness and help integrate tools for limiting systemic risk (implementing MESH architecture)

- Conduct risk assessments and vulnerability scans to identify potential security gaps and recommend appropriate countermeasures and work with IT for the closure of findings.

- Collaborate with cross-functional teams to define and enforce security policies, procedures, and best practices

- List down the gaps identified and work with IT to get them resolved.

KEY RELATIONSHIPS (INTERNAL /EXTERNAL): Business Functions, Third Parties and Control groups

KEY COMPETENCIES/SKILLS REQUIRED: Network Security, SOC experience, Cloud Security, Data Security, Application Security, Incident management, Email Security, Identity theft, NIST, Baseline Security Standards.

Desired qualification and experience:

- Graduate/Post Graduate degree in Information management and security (pref. B. Tech/M.Tech/MS)

- 4-6 years of hand on experience in SOC functionality and security tools, such as, Firewall, IPS/IDS, Proxy, Web Filter, WAF, AV, DLP etc.

- Experience with network security and networking technologies and with system, security, and network monitoring tools

- Demonstrated skills in collaboration, team work and problem solving to achieve goals

- Prefer candidate with certifications such as CISSP, OSCP, CCSP, Cloud Security Architect

- Strong Communication and presentation skills