Senior Security Manager

Responsibilities

1. Serves as the domain expert (SME) on Cybersecurity matters.
2. Lead and influence multi-disciplinary teams in implementing and operating cyber security controls for cloud and on-premise environments; micro-services, containers, applications, operating systems, databases, and networks.
3. Involve in the project or lead the project related to IT infrastructure & Application security whenever required.
4. Support maintenance team in difficult or chronic problems, escalate the issue to vendor, identifying the root cause and preventive measures.
5. Support presales team on infrastructure & Application security solutioning in bids.
6. Provide system architecture design and planning for new IT infrastructure deployments in both hosted and cloud environments.
7. Work closely with Project Managers/Application Development Team in planning the implementation tasks.
8. Perform initial installation and configuration of new IT infrastructure & security deployments in both hosted and cloud environments.
9. Conduct security design review with customers.
10. Lead the track in security testing and remediation, conduct Application, Server, and Network vulnerability assessments.
11. Deliver Application Security Assessment activities with entities and external suppliers/customers.
12. Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders ranging from business leaders to engineers.
13. Collaborate with application developers and database administrators to deliver creative solutions to difficult technology challenges and business requirements.
14. Conduct in-depth assessments on the applications using SAST, DAST, Penetration Testing, Red Teaming Activities to determine application security posture and potential vulnerabilities.
15. Develop and implement server security and hardening.
16. Support the monitoring and tuning of detection and security automation tools.
17. Automate security controls, data, and processes to provide better metrics and operational support.

Requirements

1. Minimum Bachelor in Computer Science or IT related studies.
2. Minimum 8 years’ experience in IT industry with 6 years in network/systems/Application security arena.
3. At least 5 years of experience in Vulnerability Assessment, Penetration Testing & Source Code Reviews of Web, Mobile and Thick Client Applications.
4. Knowledge of networking and IP/TCP protocol.
5. Experience in Windows and other OS is good to have.
6. Experience of working and securing Virtualization Technologies.
7. Experience with firewall technologies and products, including NextGen firewalls and firewall management tools.