Position : Delivery Manager – Security Domain: Information / Cyber security

Experience : 10-15+ years

(with at least 8+ years of vulnerability and penetration testing experience)

Location : Mumbai

Reporting to : VP-InfoSec

A Mumbai based company with over 850+ employees, recognised as a pureplay testing service provider in the BFSI segment is seeking Security Delivery Manager for their Information Security line of business.

Context of the role

Financial Institutions / Banks / Public sector comprise the company’s significant clientele. The Security Manager would be a leader with a proven experience who would need to test / assess and should be able to provide solutions to address the critical vulnerabilities from enterprises (both PSUs and Private). Should have the ability to convert the needs of their business users and stakeholders into business requirement

Preferred candidate:

• Bachelor's Degree in Engineering/Technology (Computer Science/Information Science branches preferred).
• Must have CEH/GIAC/OSCP and CISM/CISSP certification.
• Must have strong understanding of Mobile and Cloud network security architecture.
• Must have experience with framework such as OWASP, STRIDE, MITRE ATT&CK
• AWS Security Specialty certification preferred. - Hands-on experience in Applications & IT Infrastructure including mobility/IOT security.
• Hands-on Vulnerability Assessment and Penetration Testing/Red Team exercise Experience.
• Prioritize security findings and help Engineering and Cloud teams in resolving them at the earliest.
• Hands-on experience with tools like Qualys, Nessus, BurpSuite, OWASP ZAP, Metaspoilt etc.
• Relevant professional experience or extensive experience in security activities (e.g. CTF, bug bounty, security research, publications, blog).
• Knowledge of vulnerabilities lists like OWASP TOP 10, SANS 25 etc.

Roles & Responsibilities:

• Manage several security products and services, build roadmaps for security products and services, work with various teams to develop new security capabilities for the company.
• Should have experience of working with diverse/small teams and influencing strategy, tactics and execution
• Should have the ability to build relationships and work collaboratively with internal and external teams.
• Ability to handle multiple projects simultaneously in a dynamic, deadline-oriented environment, and make key decisions in a timely manner
• Stay abreast of information security issues and regulatory changes. Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position
• Should have great written and oral communication skills and able to interact with any audience regardless of background.
• Have the ability to understand the client's expectations and drive the team to achieve.
• Mentor team members and conducted training Programs.
• Manage internal and external vulnerability assessment, penetration testing, Red Team exercise and ensure recommended remediation is carried out in time.
• Tech savvy which loves to stay on top of industry trends.
• Highly motivated, goal driven, Can-do approach, curious and open minded.