Cyber Security Lead - On Prem-Gen2 OSM PAS/PLT

Cyber Security Lead - On Prem-Gen2 OSM PAS/PLT

Missions

Job Summary:

We are seeking a seasoned Cyber security Lead to work on the Application risk assessment and operational security in our both traditional and private cloud infrastructure and applications. The successful candidate will perform risk assessment, security validation and exceptions, review security incidents, different level of risk assessments, driving security programs and follow the remediation with close Governance.

Responsibilities:

- Conduct risk assessments and security evaluations of private cloud control plane services (API Services) & and On-Prem application/infrastructure

- Identify and assess threats, vulnerabilities, risks and potential attack vectors and prioritize the mitigation

- Assess and manage IT risk treatment in all new projects or infrastructure within its scope (integration of security into projects, secure by design processes)

- Enforce Group policies / standards and/or procedures / good security practices within its department.

- Develop and implement risk mitigation strategies and security controls

- Drive security program such as Pen test and Vulnerability programs globally

- Evaluate security configurations, policies, and procedures

- Perform security validations and exceptions for different need on day to day basis (AV , Browsing exceptions, RAF, admin rights, firewall flow, secureshare access etc.);

- Assess compliance with industry standards and regulatory requirements (e.g., NIST, SOC 2, PCI-DSS, OWASP)

- Develop and maintain risk management frameworks, playbooks, and reporting dashboards

- Communicate risk and security recommendations to stakeholders

- Contribute to security audits (internal audit / regulators) within its scope

- Ensure proper work distribution between team members and help team members as and when required

- To act as a security expert and point of contact on all the operational security and risk management activities

- Lead the resolution of security incidents and contribute to the post-mortem investigation of security incidents

- Lead the remediation of critical vulnerabilities in coordination with technical teams, SOC and CERT.

- Monitor and coordinate for timely closure of audit recommendations (internal / regulators), if necessary, intervene in support of operational teams.

- Communicate the status of security audits (internal audit / regulators) as well as the plans for dealing with recommendations.

- Communicate on its activities (definition of relevant KPIs/KRIs) and on security alert points.

Profile

Profile Required:

- 5 to 8 years of experience in application risk assessment, operational security and risk management or related fields

- Strong understanding of infrastructure & application security architecture, compliance frameworks, and risk management principles

- Experience with infrastructure & application security assessments, risk assessments, and security controls implementation

- Excellent analytical, problem-solving, and communication skills

- Familiarity with security framework, tools, and technologies (e.g., OSWAP, CSPM, CWPP, CIEM, DAST/SAST)

- Certifications in risk management, or related fields (e.g., CRISC,CCSP, CISSP)