Job Description
Job Purpose
Information security tech team member (with skip-level reporting to the CISO) who is proficient in maintaining & managing NBAD technology and in Information Security tool management & governance. Understanding of regulatory requirements, maintaining tool compliance, configuring tool policy, log review & alert/incident handling. Driving Information Security projects & monitoring Key Risk Indicators (KRIs).
Duties and Responsibilities
A-Minimum required Accountabilities for this role
Deployment & Configuration
Lead or assist in the deployment of DAM tools (e.g., Imperva SecureSphere, IBM Guardium, DataSunrise, Oracle Audit Vault).
Configure agents/connectors for various database platforms (Oracle, SQL Server, MySQL, PostgreSQL, etc.).
Ensure proper integration with SIEM and other security infrastructure.
Validate data collection and ensure coverage across critical databases.
Management & Maintenance
Create, maintain and update DAM policies, rules, and configurations.
Monitor DAM tool health, performance, and data integrity.
Perform regular audits of DAM coverage and ensure alignment with compliance requirements.
Manage user access and role-based permissions within the DAM platform.
Incident Detection & Handling
Monitor alerts and logs for suspicious database activity (e.g., unauthorized access, privilege escalation, data exfiltration).
Investigate DAM-generated incidents and coordinate with SOC/IR teams.
Document incident findings and support forensic analysis.
Recommend and implement remediation actions based on incident outcomes.
Collaboration & Knowledge Sharing
Work closely with DBAs, InfoSec, and IT teams to ensure secure database operations.
Provide training and guidance on DAM tool usage and best practices.
Stay updated on DAM tool enhancements and database security
A-Additional Accountabilities pertaining to the role
Design, implement, and manage SNA policies to protect infra and network.
Maintain compliance as per organization compliance policy.
Highlight risk & mitigation plan.
Conduct and manage security assessments (vulnerability scans) for infra and network, SNA tool.
Work with SOC team to investigate security alerts and improve detection rules.
Document security policies, configurations, and incident reports.
Flexible to extend beyond work hours towards accomplishing assigned tasks.
Risk analysis and mitigation.
Interaction with OEM for highly critical technical support.
Responsible for reports & technical documentation.
Should be capable of guiding the team/individual on requirement basis.
Communicate effectively with stakeholders & cross-function teams.
Responsible for MIS reports / technical documents.
Vendor co-ordination.
Excellent spoken and written English communication.
Strong troubleshooting, analytical, and communication skills.
Good attitude towards corporate environment.
Team player & mentor to the team.
Energetic, self-motivated and self-sufficient in accomplishing tasks.
Good analytical and problem-solving skills.
Key Decisions / Dimensions
Identification of right contacts to channelise the issue/problem for closure.
Review the alert/incident, categorise it as true positive / false positive, and take the required steps.
Discuss observation response as applicable & improve security controls.
Decide if the policy and procedure documents need changes based on new regulations or audit outcomes
Major Challenges
Handling of a fast-changing environment with a variety of cloud service providers
Handling of compliance expectations in stringent timelines
Handling multiple stakeholders at a time
Coordination with third party consultants who assist in auditing and compliance initiatives
Required Qualifications and Experience
Qualifications
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
Minimum 4+ years of experience in network security, cybersecurity operations, or a similar role.
Minimum 2+ years in Information / Cyber / network security.
a) Work Experience
Knowledge & hands-on experience in information security tool compliance & incident management (SNA, AV/EDR, vulnerability management tool, SIEM tool, Tenable Nessus)
Sound knowledge of IT infrastructure, Information Security concepts & tools, ISMS & BCMS frameworks, regulatory guidelines related to IT and cyber for NBFCs
Experience in Project management.
Positive attitude, hard worker and team player
Excellent Communication and Leadership Skills
Certifications like CEH (Ethical Hacking), Cisco Certified CyberOps Associate, Cisco Secure Network Analytics (Stealthwatch) Training would be an added advantage