Req ID : 310370
We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions.
Joining us means joining a truly global community of more than 38 900 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact.
As part of Security Monitoring and Control team, Security Operations Manager will oversee the implementation and monitoring of Security operational controls inclusive of people, process and technologies.
Key part of the responsibility will be to align Security operations to the best practices and frameworks across the industry, perform continuous review to improve the effectiveness of the Sec operations.
Security Compliance Manager is also expected to manage the metrics program, assist in managing Security operations and lead improvement programs within the security function.
Security Compliance Manager will work closely with Technology and Solution Architects, IS&T operations and business teams to manage overall security of the organization
RESPONSIBILITIES :
Keep track of new and emerging threats and vulnerabilities, verify applicability in organizational context and initiate remediation activities as necessary
Schedule and manage penetration testing activities, analyze test results and engage the relevant stakeholders across both internal and partner organization for remediation
Analyze assessment reports provided by vendors / 3rd parties and resolve them within defined SLAs
Identify and remove false positives in assessment reports and challenge remediation teams when issues are highlighted for exception
Develop remediation plans by partnering with Infra / Application owners. Provide guidance on patching, configuration settings and / or implementation of additional security controls to prevent vulnerabilities from being exploited
Define the scope of assessment activities across both Internal and Partner organization
Analyze threat intelligence reports across the internet. Identify gaps in the environment and suggest tools, technologies and processes to address them
Design and deliver actionable Information Security dashboards
Define and develop information security metrics program. Automate key metrics for real time reporting.
Define KPIs and track the progress with both partners and internal teams
Create awareness across the organization on the importance of following good security practices, Secure SDLC program and its benefits
Holding regular meetings with partners and present periodic status reports and highlight key issues to senior leadership
Provide advice on general security topics and participate in incident resolution disputes when necessary
File and manage security exceptions for infrastructure, network and application related vulnerabilities
To be considered for this role, candidate need to demonstrate the following skills experience and attributes :
Bachelor’s / Master’s degree in Engineering / Technology or related field
Minimum 12-16 years of relevant IT experience
Professional industry standard certifications like CISSP, CEH, GIAC, CISM, ISO 27002 etc. will be an added advantage
Experience with various IT / Security technologies including, Active Directory, DNS, Messaging, Firewalls / VPN Gateways, IPS, Proxy, WAF, PKI, IAM,etc.
Good understanding of tools like CyberArk, PingIdentity, Sailpoint, Qualys, Veracode
Proficient hands on experience and understanding of various security tools and technologies.
Experience in an operational role working directly with internal and external customers, trouble ticketing systems, and incident management
Solid understanding of ITIL process framework
Must understand and have worked in an operational environment such as a NOC or SOC for 2 4 years
Demonstrated leadership experience in the area of Security Operations
Proven planning, prioritization, and organizational skills
Demonstrated drive for continuous learning, results orientation, and teamwork
Ability to drive change through innovation & process improvement
Ability to manage projects and drive action items with customers and cross functional peers
Proven crisis management skills
Professional & concise communication (written & verbal)
Ability and flexibility to adapt to change, including shifting and competing priorities
Demonstrated ability to be a big picture thinker, strategist, and long term planner
Strong analytical skills with demonstrated problem solving ability
Project management skills with a proven ability to design workable solutions will be an added advantage
Exposure to ISO 27002 and ISO 27005
An agile, inclusive and responsible culture is the foundation of our company where diverse people are offered excellent opportunities to grow, learn and advance in their careers.
We are committed to encouraging our employees to reach their full potential, while valuing and respecting them as individuals.
Job Segment : Operations Manager, Information Security, Project Manager, Business Process, Manager, Operations, Technology, Management
