Lead- Cyber Risk Management

Job Description

Role: Cyber Risk Management Lead Experience: 5 to 10 Years Office location-Sector-125, Noida Required Qualification: Bachelor of Engineering - Bachelor of Technology (B.E./B.Tech.) Additional Information There are 2-3 rounds in the interview process. This is 5 days’ work from office role (No Hybrid/ Remote options available) Final round will be F2F (Mandatory) About role: We are seeking a Cyber Risk Management Lead to identify and remediate or mitigate risks . Candidate should have effective task management skills and the ability to communicate effectively. The individual must be able to rapidly respond to security incidents and should have at least 5 years of relevant experience in Cyber security Risk management. Candidates Should have deeper understanding with some hands-on experience on enterprise IT infra components such as O365 suite, advanced firewalls, IPS/IDS/HIPS, routers/switches, VPN, proxy, AV/EDR, DNS, DHCP, multi factor authentication, virtualization, Email systems/security, Web Proxy, WAF, DLP etc. along with cloud environments like AWS (Must) , Azure etc. Job Description Understanding applicable regulations, guidelines, and industry best practices to manage risk and ensure compliance Developing, maintaining, or auditing security documentation such as policies, standards, and procedures Monitoring security internal control effectiveness for EDR, Email Security, Server security, Cloud security etc Conducting internal security assessments to ensure continued compliance Explaining roles in managing risk to cross team functions and getting buy-in to improve the organizational risk posture Managing SOC 2 Type 2 assessment and provide adequate support for collecting relevant evidence for all relevant controls Should be able to review RFPs (request for proposal) and provide responses for Cyber security related items Manage Risk Governance Implement/govern AWS Cloud and Office 365 Security Manage and support internal and external audits Follow up till closure on audit findings if any Manage dashboards and reports to keep track of priority events for IT and IS Create MOM for Board Meetings Vendor Evaluation for cyber security controls Firewall rules review for On-premises and AWS firewall Security Awareness: Create materials PPT/e-mailers and provide training as needed Incident management and Business continuity CISO dashboard and success reports Meet with business team to understand their business requirements from cyber security perspective Has basic knowledge of audit requirements (SOC2, HIPPA, ISO27001, etc.) Understanding of respective industry best practices (e.g., NIST, ISO, OWASP, ITIL) At least one security certification is strongly preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP) Prior experience of management of technology infrastructure is preferred Skills: proxy,audit management,firewall rules review,cyber risk management,dns,advanced firewalls,ciso dashboard management,waf,business continuity,internal security assessments,task management,cloud environments,enterprise it infrastructure,cloud security,email security,incident response,email systems/security,ips/ids/hips,security document auditing,security auditing,communication skills,security incident response,cyber security,aws,routers,web proxy,risk assessment,compliance,dhcp,soc assesment,communication,security assessments,nist, iso, owasp, itil best practices,cyber security risk management,effective communication,it infrastructure security,multi-factor authentication,risk governance,o365,o365 suite,incident management,risk management,switches,security awareness training,virtualization,av/edr,azure,security documentation,dlp,cyber risk management lead,vendor evaluation,regulatory compliance (soc2, hipaa, iso27001),routers/switches,auditing,cybersecurity risk management,office 365 security,aws cloud security,vpn,security awareness Show more Show less