Job
Description
Job Summary: The Cyber Security Execution Expert will play a pivotal role in protecting the organization’s systems, data, and networks from potential cyber threats. This is a mid-level role, and the ideal candidate will have a strong understanding of security frameworks, threat detection, and risk management. The role will continue to evolve and will involve implementing practical, proactive measures to protect sensitive financial data and ensure that our systems are compliant with industry regulations and up to the mark to tackle evolving threats and scenarios. . Key Responsibilities:  Threat Detection & Monitoring: o Set up tools to enhance the network traffic monitoring, maintenance and analysis of logs, monitoring of endpoints, identify and respond to and create response mechanisms to alerts, unusual or malicious activities. o Utilize security tools to identify, track, and report on potential vulnerabilities and threats.  Incident Response: o Lead and participate in incident response activities to quickly identify, assess, and mitigate security breaches or attacks; modify and put in place SOPs if required. o Arrange to preserve and provide forensic data for further analysis and support during the investigation of cyber incidents.  Risk Management: o Conduct risk assessments to identify potential security gaps and develop mitigation plans. o Recommend and implement strategies to minimize risks associated with cyber threats.  Security Architecture & Implementation: o Assist in designing, modifying and implementing security solutions for both internal and client-facing platforms, networks, endpoints. o Monitor and maintain configurations, set ups for firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), WAF, and other security-related technologies.  Compliance & Reporting: o Ensure improve compliance with relevant industry regulations (e.g., SEBI’s CSCRF) and internal security policies. o Assist with the creation and maintenance of security documentation, including policies, procedures, and reports / reporting mechanism.  Security Awareness & Training: o Support the development of cybersecurity awareness programs to educate employees on safe practices and emerging threats. o Conduct training and workshops for staff to improve their understanding of security best practices.  Collaboration: o Work closely with other departments, including IT, legal, and compliance, to ensure a holistic approach to cybersecurity. o Collaborate with external vendors and partners to evaluate and implement security technologies.
