Kinara Capital Looking for IT Security Lead at Bengaluru, Karnataka Full Time

Bengaluru

IT Infra & Security

Report to: IT Security Head

Job Responsibilities:
Align standards, frameworks and security with overall business and technology strategy

Leads on the identification of data security and information protection risks across the organization and works with stakeholders to develop and implement mitigation plans, escalating issues as appropriate

Acts as a subject matter expert on data security for projects looking to implement new tools, products, or processes

Embedding security into all stages of DevOps

Identify new security opportunities and challenges and ensure action is taken to eradicate risks

Oversees maintenance of systems to protect data from unauthorized users

Leads and facilitates organizational training and communications around data security and information protection issues

Oversee incident response planning as well as the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as necessary

Manage security tools & solutions- Antivirus, EDR, Email Gateway, SIEM & SOO, WAF, Firewalls etc.

Ensure timely response on security incidents. Discuss & conclude the actionable & recommendations with concerned stakeholders

Backup & BCP validation for all infrastructure and applications

Regular monitoring of security & compliance directions from regulators & internally coordinate the actionable to promptly complete the assessment & implementation

Implements measures to protect digital files and information systems against unauthorized access, modification, or destruction

Defines, implements, and maintains corporate security policies

Develops strategies to respond to and recover from a security breach

Develop or implement tools to assist in detection, prevention, and analysis of security threats

Manage resources and vendors and get the right people and processes in place

Review, tuning and development of SIEM technology system and alerts

Security Incident Monitoring and Response

Assists in effective Data monitoring and Data Loss Prevention procedures

Provide recommendations for correct approach and strategy where security gaps exist or inadequate tools or processes are found, all within a reasonable balance between security, cost and productivity

Demonstrate vulnerabilities to the stakeholders in a convincing manner & lead remediation

Security requirements writing and Pen Testing

Conducts periodic inventory scans including AWS Infrastructure, Applications, APIs, Websites, on-premise servers & network to find any vulnerability

Required Skills:
Hands on experience on VAPT tools

Best security practices of cloud solutions

Conceptual knowledge of DevOps, hosting, APIs, Applications & Websites

Windows, Linux, Ubuntu- server configuration understanding

Network device configuration knowledge ex. Switches, routers

Knowledge on Firewall configuration and rule management VPN configuration

Experience of identifying risks in Cyber security management processes, developing, and implementing remedial action

Excellent project management skills and experience of leading on data security projects across multiple locations

Experience of developing and implementing data security policies and protocols

Understanding of log analysis and security forensics

Knowledge in implementation of ISO27001 standards

Desirable Certifications:
Certified Ethical Hacker (CEH)

CompTIA Security+

Certified Information System Security Professional (CISSP)

Certified Information Security Manager (CISM)

Certified Information Systems Auditor (CISA)

Management Skills:
User communications & relationship management

Vendor management

Stakeholder management

Soft Skills

Good Analytical and problem solving skills

Knowledge of the financial services domain will be an added advantage

Ability to collaborate with internal and external stakeholders for effective delivery of the tasks assigned

Strong verbal and written communicator, able to speak with the business stakeholders and understand the requirements

Well organized and consistently delivers on commitments

Qualifications:
Bachelor degree in engineering or computer science with Minimum 8 – 12 years of experience in Information & Cyber Security

Other Requirements:
Keen interest in learning technology

A great team player and should be able to work across multiple groups / teams

Should be able to work in a demanding environment

Strong written and oral communication and interpersonal skills

Must have a go-getter attitude

High social responsibility & Integrity

Compliance to policies, rules and regulations

Belief in Teamwork & Effective leadership

Good Vendor management skills

For any questions on job openings & application details, write to us at:

[email protected]