IT Security & Compliance Lead - Penetration Testing (7-12 yrs) Delhi (DevOps)

IT Security & Compliance Lead - Penetration Testing (7-12 yrs) Delhi (DevOps)

IT Security & Compliance Lead - Penetration Testing (7-12 yrs) Delhi (DevOps)

Kyros Group

New Delhi, Delhi, India


Key Result Areas

  • Oversee the delivery of complex security services, manage relationships and issues.
  • Embedding security into all stages of the software development life cycle/delivery methodologies.
  • Lead the Cyber Security function for the business, managing the Cyber Security Specialists and ensuring their work and output aligns to the organisational priorites.
  • Ensure that both Applications and Infrastructure are delivered in a consistently safe fashion
  • Identify new security opportunities and challenges and ensure action is taken to eradicate risks
  • Promote awareness of strategic initiatives, and encourage self-sustaining security practices and behaviours within delivery teams.
  • Effective risk management of threats and incidents
  • Leading the internal IT function on security processes
  • Report to the compliance function breaches of regulatory requirements or security standards
  • Implement best practices for Secure Design, Threat Modelling
  • Security requirements writing and Pen Testing
  • Analyse the Environment and set up a team to implement a new operational model for security engagement
  • To manage the PII data- Personal Identifiable Information (since we are retaining personal information and traffic violations)
  • Undertake assurance assessments of Third Party suppliers
  • Provide expert technical support during incidents
  • Aligning IT risk management to the organisation's overall approach and ensuring process implementation, including training
  • Reviewing existing technical environment globally, propose changes, managing changes to improve IT Security across the team

KNOWLEDGE, TRAINING, EXPERIENCE & SKILLS REQUIRED TO DO THE JOB :

  • Ability to demonstrate understanding of vulnerability remediation
  • Skilled in consultancy, risk management, solution design and issue resolution
  • Expert knowledge in IT security best practice and solutions.
  • Certified Information Systems Security Professional (CISSP) or equivalent any other certification
  • Skills in Sockets, HTTPs, Files, DevOps, Android Security, IOS Security, Tickets, keys, hand-shakes
  • Good understanding of IT infrastructure
  • Resource management and vendor management, working with vendors to get the right people in place
  • Good understanding of software development practices and coding.
  • Secure code review and experience using automated toolsets
  • Understanding of log analysis and security forensics
  • Experience of conducting and working with 3rd party suppliers to conduct penetration tests, both software and hardware.
  • License Preservation knowledge
  • Mobile security testing
  • Exposure to ISO 27001, 9001, COBIT and PCI standards
  • Experience engaging 3rd party security specialists to provide additional assurance

(ref:hirist.com)

  • Seniority level

    Entry level
  • Employment type

    Full-time
  • Job function

    Information Technology
  • Industries

    Information Technology and ServicesComputer SoftwareInternet

 

About Company

This is a very exciting opportunity for an experienced IT Security & Compliance Lead professional to head up an IT security / Compliance team at Delhi office.

You will be managing the IT Security team embedded within the IT function. You will be responsible for ensuring that all work being completed across the various disciplines in IT are assessed in terms of vulnerabilities and exposure to internal or external attack and also ensuring the compliance level for information and IT processes followed within the company.