Senior Executive - Risk & Compliance

Role & responsibilities Understand the security environment, identify security gaps in IT Infrastructure, report to Security and fix the gaps on priority Be the first line of defence against cyber threats, monitoring security systems, analysing alerts, investigating incidents, and responding to security events, while also contributing to improving the organization's security posture Respond to security incidents, including conducting forensic investigation and implementing remediation measures. Stay informed about the latest security threats, vulnerabilities and industry best practices. Proactively search for and identify potential threats and vulnerabilities that may have bypassed existing security controls. Evaluate and recommend security tools and technologies to enhance the organizations security posture. continually identify, assess, report on, manage and remediate vulnerabilities across endpoints, workloads and systems. Conduct ethical hacking activities (CEH) to identify vulnerabilities and weaknesses in systems and applications. Perform Vulnerability Assessment and Penetration testing (Pen Test) to simulate Cyber Attacks and assess the effectiveness of security measures. Maintain and tune information security monitoring tools and systems. Have strong understanding of networking protocols (ex: TCP/IP, DNS, DHCP) and OSI model to work with Network teams. Harden network devices (routers, switches) by applying security best practices and configuring ACLs to limit unauthorized access. Knowledge of cryptographic algorithms and protocols (AES, SSL/TLS, IPSec) for securing data in transit and at rest. Deep understanding of cryptographic principals, key generation, distribution, storage, and rotation along with the ability to develop and implement robust key management policies & procedures. Review Firewall rules, Routers, Switches, IDS, IPS, Servers, Databases and other infrastructure components to identify security gaps in their configuration. Preferred candidate profile B.Tech/M.Sc with computer science or information technology with good communication skills Overall IT experience of 4 to 8 years, with a minimum of 3 to 5 years in IT Security, IT Audit. Strong understanding of Network protocols, VPN, Remote connectivity, Firewall technologies and intrusion detection or prevention systems. Experience in handling SIEM tools, performing VAPT exercises, patch management, AV updates, and security configuration of systems Certifications like CompTIA Security+, or CISSP or CEH or Any One Security Certification (C- Level) Certification is Must Note : Candidate having less than 30 days' notice period or immediate joiners alone please apply Interested Candidates please share the profile to my Email ID - Krishnaprasad.ravishankar@omegahms.com