We are hiring for a reputed organisation in Pune having 1000 employee's Designation : Internet security - Manager / Deputy Manager Experience : 7 years to 10 years Job Location : Pune city Qualification & Experience : 1.
Graduation / post-graduation in computer / IT related curriculum. Post-graduation preferred 2. IT security certifications like CISSP, CEH, CISM, etc.
3. Full-time work experience in information security management. 4. Knowledge of information security concepts and methodologies 5.
Knowledge of compliance's (PCI DSS, Sox, DPA, and so on) and IS standards (ISO 27001, BS25999, ISO 20000, OWASP, and so on) 6.
Knowledge of Secure SDLC methodology 7. Thorough understanding and Hands on experience of enterprise security systems, tools, processes including : 8.
SIEM, Firewalls, VP 9. Ns, DNS-Proxies, Sandboxing, Digital Certificate Management, Vulnerability Management, End-point Security Management, Penetration Testing, Web Application Firewalls.
10. Experience in Malware Analysis and Reverse Engineering 11. Experience in developing and / or maintaining security architecture for Operational Technology systems like IoT, MES, SCADA, etc.
12. Knowledge of personal data protection regulations like EU GDPR 13. Working knowledge of Linux, AIX and windows, AWS and AZURE Security Platforms / Tools.
14. Experience with scripting, basic API integration and automation (e.g. Powershell, VBS, SQL languages, Ruby, Python, Perl) preferred Work Profile : 1.
To ensure awareness and enforcement of policies, procedures and practices relating to the confidentiality, integrity and availability of information.
2. Develop security testing plans and integrate into the software development life-cycle. 3. Identify application security risks and requirements for new projects and system developments.
4. Identify security issues and risks, and develop mitigation plans. Respond to security violations, vulnerabilities, and event detection systems.
5. Sign-off on application security prior to live implementation. 6. Maintain the organization's effectiveness and efficiency by defining delivering, and supporting strategic plans for implementing information security 7.
Understand, evaluate, and respond to security incidents 8. Conduct the information security risk assessment program. Review compliance with the information security policy and associated procedures.
9. Update and maintain risk register for the organization. 10. Keep updated with emerging security threats and alerts. Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts (ref : hirist.com)