JOB DESCRIPTION

Position Title Chief Manager - IT Security Grade/Level

Department IT Location Chennai

Organizational Relationships
Position reporting to Head – IT Security & Infrastructure (CISO)
No. of Direct Reports
Job Purpose
This position is responsible for performing ISRM, Regulatory Compliance, Implement GRC, SSDLC on-boarding,
Application Security, Vulnerability Management, Incident Response, Data Security and Privacy, Security control
assessment, , Network security & monitoring using various technologies that may include IDS/IPS, Firewalls, Web
filtering, Security Monitoring tools and related products.
Also responsible for initiatives for Platform defense, Security Operations, Security Monitoring & Business Continuity
and SDL Automation, Trainings and Independent Security assessments as business as usual
Key Responsibilities
 Enhance the security, resilience, and reliability for IT Security, Risk Management,
Regulatory & Compliance (ISO, GDPR, ITGC, RBI Guidelines Assess and
Implementation, ISMS Audits - internal & external etc.), Network Security &
Platform Defense, Security Operations, Security Monitoring and Business
Continuity.
 Implement and streamline SSDLC and document overall IT and Network Security
Processes and procedures.
 Implement and streamline execution of Threat Modeling, Static and Dynamic
Code Analysis, Open Source Software Threat Analysis, VAPT.
 Implement application security solutions, vulnerability remediation, and
vulnerability management. Also will provide oversight to all security operation
initiatives and Security controls assessments.
 Perform security non-compliances, gap analysis and risks assessment for Host,
Platforms, Applications, Networks, Databases, Web, Binary & Mobile
Job Responsibilities
 Implement tools and processes to monitor all security dimensions and metrics
including asset, change and configuration management, network connectivity,
user account management, logging analysis, intrusion detection & response,
physical security, vulnerability scans, data security, fail over and back-ups, etc.
 Implement and streamline Threats assessment landscape and security issues
using tools/technology/frameworks like DLP, WAF, CICD, Firewall, IPS/IDS
tuning, IAM & PAM, DRM, NAC, SIEM & DNS, ITSM and CMDB to enhance
security operations and to remediate network security risks.
 Analyze and assesses impact to the data/infrastructure as a result of security
incidents, examine available recovery tools and processes, and recommend
solutions.
 Develop and recommend information security policies and principles that will
ensure Data Security and Privacy, integrity, confidentiality, reliability, and
appropriate use of the company s information assets
Job Requirements

Qualifications  Graduate / Post Graduate in Computer Science / IT (Networking)

Experience  12+ years of experience in Information Security Management / Cyber Security

Functional Competencies  Knowledge of security systems (firewalls, IPS, anti-virus, encryption,
authentication), local and wide-area networking, Microsoft systems and mobile
technologies

Classification: Internal
  Expertise on Containment, Remediation, Mitigation & Post Incident Activities

 Knowledge on various vulnerability assessment tools

 Certification in IT Security viz CEH / CLPTP / CISSP / CISM preferred

 Good Analytical & multi-tasking skill

Behavioral Competencies  Strong communication and interpersonal skills

 Problem Solving & decision making skills

Classification: Internal