Security Lead for one of the leading Datacenter Giant

Role: Security Lead

Location: Navi Mumbai

Budget: 30 to 35 LPA

Experience: 10 to 15 years

ROLE SUMMARY

The Security lead will provide security incident response and readiness as part of a 24x7 Security

Operations Centre within and in support of the IT Infrastructure and Operations team. Support global vulnerability management processes including OS and infrastructure patching, hardening and testing efforts. Operate security related tools (HIDS, NIDS, IPS, Analysers, Scanners, etc.) to identify active threats, attacks, vulnerabilities, exposures, etc., and prioritize activity within the team. Assist in speedy identification of mitigation/remediation solutions.

DUTIES AND RESPONSIBILITIES

Security Incident Response:

 Provide timely and effective security incident response within a 24x7 SOC environment.

 Lead operation teams to effectively maintain the lifecycle of both on-premises and cloud-based

security solutions.

 Manage response to security and operational incidents, and on-going security requests.

 Coordinate and manage security incidents to ensure swift identification, containment, and

remediation.

 Develop and maintain incident response playbooks and procedures.

 Participate and contribute to industry cyber forums, both formal and informal.

 Support all audits and reviews requests.

 Monitor developments in the information security industry and communicate on the potential

impact or applicability to the organization

Vulnerability Management:

 Support global vulnerability management processes including operating system (OS) and

infrastructure patching, hardening, and testing efforts.

 Conduct regular vulnerability assessments (VAPT) and prioritize remediation activities.

 Collaborate with IT teams to implement and validate security patches and updates.

Security Tools Operation:

 Manage the Total Cost of Ownership (TCO) for security solutions which includes new investments

and business-as-usual financials.

 Operate and manage various security tools including Host Intrusion Detection Systems (HIDS),

Network Intrusion Detection Systems (NIDS), Intrusion Prevention Systems (IPS), analysers,

scanners, and more.

 Continuously monitor and analyse security tools to identify active threats, attacks, vulnerabilities,

and exposures.

 Prioritize identified threats and vulnerabilities for remediation activities within the team.

Threat and Vulnerability Identification:

 Assist in the identification and evaluation of security threats and vulnerabilities.

 Conduct in-depth analysis of security events to determine the root cause and potential impact.

 Provide recommendations for mitigation and remediation solutions to address identified security

issues.

QUALIFICATION & EXPERIENCE

 Proven track record for managing technical resources to deliver technology

lifecycle

 Experience of 10 + years and have relevant information security experience

working with or for a global exchange or a global financial firm.

 Solid knowledge and experience in cloud technologies, and familiar with

cloud security architecture, design and operations.

 Relevant experience with SecDevOps principles, Security Automation and

Orchestration.

 Must have relevant experience with industry best-practice approaches to

the design, implementation, operation and management of IT systems (e.g.

Agile, Waterfall, ITIL, COBIT)

 Must have relevant experience with information security (e.g. CISSP, CCSP).

 Must have strong information security technology knowledge/concept and

can effectively communicate with senior management and a broad range

of technical/non-technical audiences. Strong written communication skills,

experienced with writing board-level papers and verbal presentations to senior management.

 Must have a relevant University degree in Computer Science, Information

Management, or related field, or equivalent experience.