Manager Cyber Security - VAPT

You will be reporting to the Senior Manager VAPT as part of this role. A university degree in computer science or IT is required for this position. With over 8 years of experience in Information Security, including at least 5 years of experience in Penetration Testing, Red Teaming, and/or vulnerability assessment, you will play a crucial role in evaluating the control environment through Ethical Hacking. Your responsibilities will include hands-on experience in black-box and grey-box penetration testing on platforms like .Net and Java, as well as mobile testing of Android and iOS. Having a high-level understanding of Security Architecture and Infrastructure is essential, along with familiarity with best practices from organizations such as OWASP, SANS Institute, ISACA, GAO, FISCAM, NSA, NIST, and Internet Engineering Task Force (IETF). You will be expected to develop a framework for testing the compliance of applications and systems, as well as possess experience in project management. This position falls within the Information Technology industry. Your main responsibilities will involve conducting internal and third-party Ethical Hacking, Vulnerability Assessment, Penetration Testing, and Red Team assessments on business-critical assets and processes. You will need to liaise with external ethical hacking and penetration testing teams for RBI projects, and coordinate with the security intelligence framework to stay updated on the latest threats and vulnerabilities. Preparing security effectiveness reports for management, testing applications/systems for compliance to RBI/ReBIT Information Security practices, and ensuring new applications are inducted into the Data center after conducting pen testing/vulnerability assessment are key tasks. You will be responsible for prioritizing security vulnerabilities, updating the Security operations team for mitigation, and deciding on the most relevant metrics and algorithms for measuring security effectiveness. Certifications required for this role include any two of the following: CISSP, CEH, OSCP, OSCE, or GPEN.,