
Chief Manager - IT Security

The Chief Manager - IT Security is responsible for overseeing IT security, regulatory compliance, implementing governance, risk and compliance programs, application security, vulnerability management, and incident response. Key responsibilities include enhancing security and compliance programs, implementing secure software development lifecycles, performing security assessments, and developing security policies. The position requires over 12 years of cyber security experience, expertise in security systems and tools, and certifications in areas like CEH, CISSP, or CISM.

Uploaded by prabu r
Copyright © All Rights Reserved

JOB DESCRIPTION

Position Title: Chief Manager - IT Security
Grade/Level:
Department: IT
Location: Chennai


Organizational Relationships
Position reporting to Head – IT Security & Infrastructure (CISO)
No. of Direct Reports
Job Purpose
This position is responsible for performing ISRM, Regulatory Compliance, GRC implementation, SSDLC on-boarding, Application Security, Vulnerability Management, Incident Response, Data Security and Privacy, Security control assessment, and Network security & monitoring using various technologies that may include IDS/IPS, Firewalls, Web filtering, Security Monitoring tools and related products.
The position is also responsible for initiatives for Platform defense, Security Operations, Security Monitoring & Business Continuity and SDL Automation, Trainings and Independent Security assessments as business as usual.
Key Responsibilities
• Enhance the security, resilience, and reliability for IT Security, Risk Management, Regulatory & Compliance (ISO, GDPR, ITGC, RBI Guidelines assessment and implementation, ISMS Audits - internal & external etc.), Network Security & Platform Defense, Security Operations, Security Monitoring and Business Continuity.
• Implement and streamline SSDLC and document overall IT and Network Security processes and procedures.
• Implement and streamline execution of Threat Modeling, Static and Dynamic Code Analysis, Open Source Software Threat Analysis, VAPT.
• Implement application security solutions, vulnerability remediation, and vulnerability management. Also provide oversight to all security operation initiatives and security controls assessments.
• Perform security non-compliance analysis, gap analysis and risk assessment for Host, Platforms, Applications, Networks, Databases, Web, Binary & Mobile.
Job Responsibilities
• Implement tools and processes to monitor all security dimensions and metrics including asset, change and configuration management, network connectivity, user account management, logging analysis, intrusion detection & response, physical security, vulnerability scans, data security, fail over and back-ups, etc.
• Implement and streamline the threat assessment landscape and security issues using tools/technology/frameworks like DLP, WAF, CICD, Firewall, IPS/IDS tuning, IAM & PAM, DRM, NAC, SIEM & DNS, ITSM and CMDB to enhance security operations and to remediate network security risks.
• Analyze and assess impact to the data/infrastructure as a result of security incidents, examine available recovery tools and processes, and recommend solutions.
• Develop and recommend information security policies and principles that will ensure Data Security and Privacy, integrity, confidentiality, reliability, and appropriate use of the company's information assets.
Job Requirements

Qualifications
• Graduate / Post Graduate in Computer Science / IT (Networking)

Experience
• 12+ years of experience in Information Security Management / Cyber Security

Functional Competencies
• Knowledge of security systems (firewalls, IPS, anti-virus, encryption, authentication), local and wide-area networking, Microsoft systems and mobile technologies
• Expertise in Containment, Remediation, Mitigation & Post Incident Activities
• Knowledge of various vulnerability assessment tools
• Certification in IT Security viz. CEH / CLPTP / CISSP / CISM preferred
• Good analytical & multi-tasking skills

Behavioral Competencies
• Strong communication and interpersonal skills
• Problem solving & decision making skills

Classification: Internal
