Information Security Manager (ITG) [GC-34]
Infosec Manager (ITG)
Experience: 5 to 10 yrs
Employment Type: Permanent
Shift: 14:00 - 23:00
Educational Qualification: Any Graduates / Strong background in IT Security Policy
Our client, an internationally active provider of IT and back-office services and catering to the BFSI industry is currently on the lookout for an Infosec Manager (IT Governance) for immediate placement in Bangalore.
The is a role for hands-on, mid-managerial level candidates who will be pivotal in leading the Cyber Threat Management and involves providing expertise on incident response, response to cyber threats and malware analysis.
• Threat hunting and Security Incident response.
• Respond to Cyber Threats, Brand Infringement and Data Exfiltration.
• Malware Analysis / root cause analysis.
• Analyzing threat campaign’s techniques, lateral movements and extract indicators of compromise.
• Conducting case reviews.
• Thorough and hands on experience as well as profound understanding of one or more Enterprise Grade, Cloud based / perimeter security products (Palo Alto / Genua / Akamai WAF / Barracuda / Cloudflare WAF etc.)
• Experience with setup and configuration of bot manangers.
• Optimizing Palo Alto Firewall Mechanisms to improve overall performance and threat detection capability
• Aligning cyber controls to overall threat landscape.
• Advanced Forensics to identify Indicators of Compromise (IOC's) and Advanced Persitent Threats (APT’s).
• In-app automation to improve overall SOC monitoring and Operations.
• O365 security and compliance suite management and governance.
• Firewall Security audits and responsible for BPA assessments.
• Developing new hunting models /playbooks /run books for better incidents response.
• Building / Updating SOP’s.
5+ years working experience in the Information Security or related field
Bachelor’s Degree or equivalent experience with relevant industry certifications (CISSP, CISM, CISA, SANS)
Experience with common Information Security management frameworks such as ISO27001, COBIT and NIST
Familiarity with current legal and regulatory security compliance programs including but not limited to GDPR
Experience with large-scale Information Security and Compliance program initiation
In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls
Advanced knowledge of Cyber Security principles, IT protocols and experience working with various reporting IT tools / systems and IT industry service management frameworks
Proper level of understanding regarding computer security concepts at both technical and procedural level
Good understanding of Firewalls, Proxies, SIEM, DLP, Anti-malware, IDPS and Cloud Computing security concepts
Good understanding of penetration testing, vulnerability testing, OWASP standards and application development security
Project management experience is desirable
Possesses strong analytical skills with the ability to analyze complex documents, interpret their relevance and convey complex technical concepts to a non-technical audience
Team player with a ‘can-do’ attitude and with a drive to continuously improve
Global mindset and willing to travel occasionally, for short periods
Awareness of the environment and sensitivity to the organization
Excellent writing and verbal communication skills are required. Fluency in English is a must and preferably in Dutch