Years of Experience: 5-6 Years

Location: Gurgaon

Work Mode: Hybrid

Cyber Security Program:

• Leads Security Operations to meet organization Cyber Security objectives & goals.
• Communicate & work closely with IT Team, where operational security issues are identified.
• Ability to anticipate and respond to changing priorities and operate effectively in a dynamic demand- based environment, requiring extreme flexibility and responsiveness.
• Partners with SOC and Incident Response teams in the event of a security incident to ensure timely mitigation and remediation efforts are completed.
• Creates and maintains Cyber Security policies, procedure, and control standards.
• Produces high quality communication, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management.
• Maintains current knowledge with respect to technologies and products both in house and in the market.
• Recommends effective changes to enhance defense and response procedures.
• Drives team to evaluate, tests, and selects security tools and products.

Technical Know-how:

• In-depth knowledge of modern security concepts such as common attack vectors, malware, security analytics and threat intelligence.
• Understanding of Cybersecurity Operations models and technologies (cloud, automation, orchestration, analytics, and risk-based approaches).
• Excellent understanding of major regulatory and industry standards such as NIST and MITRE ATT&ACK framework.
• Work closely with SOC partner, Cert-in and other similar bodies and act promptly on latest cyber threat advisories.
• Experience with Endpoint Detection & Response (EDR/XDR), automation (SOAR) and SIEM tools.
• Ability to review, test (POC), finalize & propose Security tools, meeting organization requirements.
• Ability to review existing Cyber Security posture of the organization and highlight areas of improvements and potential gaps in cyber controls.
• Fair knowledge and hands-on experience in Antivirus, Patching, systems hardening and server & endpoint protection.
• Knowledge and hand-on on tools and technologies like – MFA, MDM, Data Discovery &
• Classification, NAC, Encryption, DLP, PAM, IPS/IDS, WAF, Firewall, Proxy, AD, O365, SOC operations, Proxy etc.
• In-depth ability to review Vulnerability Reports and suggest/ propose remedial actions.
• Work closely with Security Partners and act promptly on Security Advisories and vulnerabilities .

Stakeholder Management & Communication:

• Ability to communicate technical ideas and strategies effectively to non-technical audiences, including executive leadership, via multiple mediums (e.g., written communications, verbal communications, presentations, etc.).
• Cybersecurity Technology Trends – Demonstrates a strong understanding of emerging trends in the
• Cybersecurity technology landscape, including new technologies, processes, and ways of working.
• Able to determine the impact of technological advancement on the company’s systems, applications, infrastructure, and practices.
• Vendor / Contract Management – Ability to build effective relationships with third party providers, suppliers, and partners.

Risk Management and Incident Response:

• Perform information security risk assessments with respect to Company’s functional security domains as well as 3rd party vendor environments on an ongoing basis and report any significant risks to the ISC / senior management.
• Provide inputs for building Information & Cyber Security Risk metrics / dashboards & reports for parameters across various domains.
• Ensure compliance to the Information and Cyber Security policy, procedures & standards of the
• Organization. Keep IT policies, procedures & runbooks updated
• Control & facilitate the identification, response, investigation, remediation, and reporting of information security incidents
• Managing the advance threat protection & strengthen the cyber incidents response framework & capabilities
• Develop, implement, and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
• Examine impacts of new technologies on the organization’s overall information security.