Senior Manager - Cyber Security Adani Digital Labs

5.0 - 9.0 years

0 Lacs

haryana

On-site

As the functional specialist for Cyber Security Risk Management (CSRM) and Data privacy assessments (DPIAs), your responsibilities will include proactively reviewing ADL information security and related risks in terms of threats, vulnerabilities, and legal and regulatory compliance. You will be translating technical, legal, and regulatory obligations into a cohesive set of Security Controls, and communicating these requirements and implementation methodologies to relevant stakeholders. Additionally, you will be facilitating Risk Assessments on Applications, Network & Systems, and Regulatory matters, as well as coordinating Vulnerability Assessment and Penetration Tests (VAPT) and providing recommendations for risk remediation. Collaboration with Project Managers, Business Analysts, Architecture, and Support Teams will be crucial to ensure adherence to ADL's CSRM standards. You will also be responsible for integrating security into the Software Development Life Cycle, supporting staff education and awareness on Information security issues, influencing IT and Business staff behaviors to mitigate risks, reviewing and enhancing Information Security Controls within the organization, actively engaging in Assurance and Architecture discussions, and conducting Security awareness sessions. To excel in this role, you should have a strong understanding and experience in Information Risk Management, internal and external Audit, and Business (IT) Controls. Advanced knowledge of internal and external IT security standards, PCI standards, GDPR, various Privacy Laws, and compliances like ISO and BS is essential. You must also possess a robust understanding and practical experience in how CSRM impacts application development, operations, and IT Infrastructure. Effective communication and collaboration skills are critical for interfacing with various internal and external groups, including Third parties, Business, and IT, and networking globally across Group businesses. Technical expertise in security domains/technologies such as Infrastructure/Network security, Identity and Access Management, Business Impact Assessment, and knowledge of Data Security Standards like PCI DSS, GDPR, and Privacy Principles are required. You should be able to drive Platform/Application security and compliance initiatives as part of Project Engagements, and have the ability to anticipate and identify mitigation strategies for Risks. Education Qualification: - B.Tech in Computer Science and Engineering Certification required: - CISA, CRISC, or CISM,

Posted 3 days ago

Apply

Consultant - MAST Vanguard Kezan Consulting

4.0 - 8.0 years

12 - 14 Lacs

Bengaluru

Work from Office

Consultant - MAST Vanguard Requirements: Mandatory Technical & Functional Skills Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. Should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA Job Description: Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation

Posted 2 months ago

Apply

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.