Manager- Information Security, Vulnerability and Risk Management)

Role: Manager Information Security (Release Management)

Experience-8+Yrs

Location-Hyderabad

Mandatory Skills-

Domain Expertise:

• Strong understanding of the insurance industry.
• Experience working with multiple vendors and global teams.

Technical Skills:

• Proficient in tools like JIRA, ServiceNow, Fortify, and vulnerability management platforms.
• Basic knowledge of Java, Linux, and HTML.
• Skilled in running scans, generating reports, and troubleshooting tool issues.

Process & Operations:

• Hands-on experience in release and change management.
• Familiar with ISO and SOC audit processes.
• Manages L1 and L2 tickets, ensuring SLA compliance.
• Coordinates production releases and post-implementation reviews.

Access & Security Management:

• Manages application access and license renewals.
• Owns ServiceNow access/removal request process.
• Guides teams in resolving access and vulnerability issues.

Collaboration & Leadership:

• Participates in change advisory board meetings.
• Coordinates with stakeholders for smooth release execution.
• Leads scan template reviews and vulnerability assessments

Roles and Responsibilities,

This JD provides an overview of the Security Architect or Technology Leads role and responsibilities.

Skill Set

• Good domain knowledge in Insurance Industry.
• Hands-on experience on any vulnerability management tool
• Hands on experience in JIRA, ServiceNow and Fortify Tool.
• Exposure in release and change management process.
• Basic Knowledge in Java, Linux, and HTML.
• Experience in handling L1 and L2 tickets to adhere to SLA guidelines.
• Good to handle application access management process in automated way.
• Experience in working with multiple vendors and geographically distributed teams.
• Minimal knowledge in handling ISO and SOC audits.

2. Handling JIRA Activities

• Experience in creating projects in JIRA.
• Able to handle tickets, manage SLAs.
• Adhering to process in terms in JIRA setup while creating entries for different projects.

3. Release and change management process.

• Coordinate with different stake holders for successful implementation of production releases.
• Actively participating in change control and change advisory board meetings.
• Manage relationships and coordinate work between different teams.
• Review Post implementation issues coming out from Releases.

4. Managing audits

• Knowledge in handling SOC audits.
• Gathering data for SOC audits and able to project and explain the artifacts in External audits.
• Certifications on audit process would be preferred.

5. Handling ServiceNow development activities

• Complete ownership in handling ServiceNow user access/removal request process.
• Able to perform form level changes on Incident management module.
• Able to work on multi tenancy model.
• ITIL certification is preferred.

6. Handling vulnerability management

• Hands on experience on any vulnerability management tool.
• Able to run the scans/reports on any tool.
• Expertise in addressing tool issue.
• To Handle access related and license renewal related issues.
• Trouble shoot on any tool issues and guiding team in fixing them.
• Able to coordinate with external stake holders/vendors.
• Coordinating with project teams on scan template reviews.
• Identify the severity of vulnerability/issue and guide project teams in addressing the fixes.
• Handling code moves, ASAM tickets and SOC audits.
• Certifications on ITIL process mandatory.
• Certifications on Security process would be preferred.
• Able to setup the criteria and standards for vulnerabilities based on the application type (internet/intranet).
• Expertise in addressing tool issue.
• Creating and implementing security protocols and procedures to safeguard an organization's systems and data

Regards,

Infosys BPM Recruitment team