Job Description
Role - Security Lead
Location - Pune
This role presents a dynamic opportunity to ensure the secure operation of information technology (IT) and processes by developing and implementing security safeguards and providing input to the enterprise information security program.
REQUIRED SKILLS & EXPERIENCE
Minimum of 7-10 years of professional experience in Information Security, Risk Management, IT Controls or another related area is mandatory
Working knowledge of IT Governance, Risk and Compliance (GRC) frameworks and standards such as COBIT, ITIL, ISO27001/2, SSAE18, NIST Cyber Security framework
Excellent knowledge of the OWASP Top 10 (web, mobile & API) along with other security frameworks and their implementation across technical platforms
Know-how in assessing application, web, mobile, API and cloud security
Experience in Information Technology related positions with working knowledge of IT infrastructure, networks, databases, processing systems, web applications, mobile technology, cloud, big data and virtualization
In-depth expertise and working knowledge of information security principles, algorithms, protocols and technologies supporting encryption, authentication, access control, information systems attack patterns, intrusion detection, and network security
Excellent communication and presentation skills
Strong team management skills and the ability to effectively manage resources and teams across locations
Ability to work on own initiative, with the enthusiasm to drive through change and multitask
Ability to exercise high level of confidentiality when dealing with highly sensitive information
High level of accountability and ability to execute; experience of estimating and planning work effort including managing risks and issues in relation to delivery of work
Ability to lead complex, cross-functional problem-solving initiatives
Commitment to ongoing professional development and development of team capabilities
REQUIRED EDUCATIONAL QUALIFICATIONS
Bachelor's or Master's degree in Computer Science or Information Technology
CISSP, CISM or equivalent professional certificate is preferred
CEH and ISO 27001 Lead Auditor are mandatory
ITIL or project management certificates are not required but are beneficial
PRINCIPAL RESPONSIBILITIES
Develop, maintain and implement improvements to a landscape of technical security safeguards, including assessment and deployment of new capabilities, technologies, and systems
Manage activities of the security architecture team and where necessary third-party specialists to support design, development and implementation of information security safeguards
Facilitate organizational change by defining strategies for TTL customer with respect to technology domain standards and design goals
Apply expert level knowledge in developing security architecture, frameworks, design patterns, standards, reference architectures and best practices
Conduct research focused on identifying emerging technology solutions that reduce costs, increase efficiencies, provide more value, provide more capabilities, reduce risks, and increase security posture
Assess, monitor and recommend improvements to the TTL customer's security
Oversee and consult with application & IT teams to ensure adherence to security best practices
Perform assessments of web applications, APIs and mobile applications from a VAPT perspective, report the findings to the relevant stakeholders, provide recommendations, chair meetings if required to explain the findings, and track their closure
Create awareness within application development team on security best practices
Identify and understand issues, problems, and opportunities as applied to Application Security
Translate internal and external security requirements into design of specific information security safeguards
In collaboration with internal (IT, legal, audit, business and other) and external stakeholders, develop roadmaps and deployment plans for technical solutions and related procedures in line with global information security program
Risk assessment and mitigation from security and compliance perspective
Oversee compliance deliverables, risk assessment and audit requirements
Secure SDLC and DevSecOps life cycle implementation
Maintaining a security risk log and providing it to the Customer on request
Issuing a weekly security report and other reports based on KPIs
Providing security related advice on technology industry changes that would impact on the Supplier's provision of services
Providing a single point of contact in the event of a security incident
Organising and attending a monthly security management review with Customer, preparing the minutes from those meetings and progressing actions arising from those meetings
Conduct meetings with Senior Management / Security Head to discuss security issues in relation to the Services on a monthly basis
Please share your updated resume at deepika.chaurasia@tatatechnologies.com with the details below.
Current Location
Current CTC
Expected CTC
Total Experience
Relevant Experience
Notice Period
Highest Qualification
Key Skills
risk compliance, Penetration Testing, Vulnerability Assessment, OWASP, VAPT
Education
UG: B.Tech/B.E. in Any Specialization