Send me more jobs like this

Senior Security Manager

Keywords / Skills : VAPT, CISSP, Penetration Testing, Information Security, CEH, ISO 27001, Network Security, Security Engineer, Risk Compliance, OWASP

7 - 12 years
Posted: 2019-07-26

Industry
IT/Computers - Software
Function
IT
Role
Security Analyst
System Security - Engineer
Posted On
26th Jul 2019
Job Description
JOB DESCRIPTION

Position Title: Security Engineer – Senior Level

Department: Information Security

Reports to: Director– Information Security

Location: Hyderabad

POSITION SUMMARY



This role is very important and critical in defining and maintain security framework in and around

information systems within the organization. The position requires deep understanding of how things in

security industry with extreme granular details of attack patterns, design of thwart systems, continuous

monitoring etc. Making architectural changes to meet day to day changes in information eco-system in

terms of evaluating functional changes from security impact aspect, using best tools in figuring out

latest threats, providing solution to extreme challenged, is the central objective of this position. It is

matter of interest that this position has ample scope for growth in managing Risk & compliance, not only

in terms of experimenting new architectures for better security but also, making structural changes to

information system workflow, the way apps process information, the way information is secured at

every level of processing etc.

Skills: 

This senior level position is must have a strong background in information technology with a clear

understanding of the challenges of information security. It requires excellent analytical and problem-

solving abilities to identify and fix security risks. To build understanding and awareness of security

issues throughout the organization, they must have excellent communication and presentation skills.

They also need good team working skills to develop security solutions in collaboration with other

information technology professionals.

Summary of essential requirements:

 10 -15 years on Security testing using OWASP TOP 10, SANS 25, PCI standards as reference.

 Should have worked on exclusively on application, mobile and network penetration testing.

 One of the following Certification is required. However, trained with these certificates with ability

to demonstrate the same, can also apply.

Advanced:

o CEPT - Certified Expert Penetration Tester

o LPT - Licensed Penetration Tester

o OSCP - Offensive Security Certified Professional

o OSCE - Offensive Security Certified Expert

Intermediate

o PenTest+

o ECSA - EC Council Certified Security Analyst

Entry Level:

o CEH - Certified Ethical Hacker Certification

o GPEN

o CPT - Certified Penetration Tester 

 Well versed with tools used in Security testing industry such as, Nmap, , w3af, Web Security,

Wireshark, Nessus, sqlmap and Metaplot, Kali Linux etc.

  Very good understanding of OWASP top 10 security issues

 Active involvement with community in discussions related to risk strategies, attack patterns,

compliance is an essential trait.

 Work under defined SLAs for clients and deliver projects on time within budget

 Ability to communicate technical impact and business risk using a risk based approach

following industry standard threat-risk ranking model

Keep oneself updated on the latest IT Security news, exploits, hacks.

Ability to:

a. Quickly analyze all false positive issues

b. Take responsibility of entire security project

c. Interact with developers, communicate the issue and get the fix

Educational Qualifications & Skills

Bachelor's or Master’s Degree (preferably from a top reputed university) 

 Strong analytical skills to comprehend above technical skills on how to make and break

foolproof security systems

 Passion for learning information security and acquiring new skills when required

Would be handling below activities as part of day to day work:

• Coach the team on Web application, Network and Mobile penetration testing. Coach on OWASP

Top 10 vulnerability scans

• Coach the team to perform PCI grade network and penetration testing before and after major

system changes

• Plans and implement Risk ranking according to Information Systems policy.

• Implement robust change control and configuration management policies across all environments

• Manage overall Incident Response processes.

• Participate in review of design level changes for assessing overall risk and compliance impact

• Proactively manage patching of updates across eco system from risk and compliance.

• Manage periodic VAPT of key applications

• Understand and manage audit requirements of PCI DSS, SSAE 16 SOC1, SOC2 standards

• Provide an awareness and training to employees on security aspects in Information eco systems

• Collaborate with Infrastructure team to create and implementing baselines for all in-scope systems

and components

• Bring innovation in overall processes for better management and improving efficiencies.

• Periodic review of alerts, log files, VA PT reports and take appropriate actions

• Work closely with Developer community in implementing security frameworks

• Managing end-point security on firewalls and other systems.

• Proactively manage activities in Security calendar of organization.

• Engage with community in learning latest industry progress on risk and compliance side.


About Company

HighRadius is a Fintech enterprise Software-as-a-Service (SaaS) company which leverages Artificial Intelligence-based Autonomous Systems to help companies automate Accounts Receivable and Treasury processes. The HighRadius® Integrated Receivables platform reduces cycle times in your order-to-cash process through automation of receivables and payments processes across credit, electronic billing and payment processing, cash application, deductions, and collections. HighRadius® Treasury Management Applications help teams achieve touch-less cash management, accurate cash forecasting, and seamless bank reconciliation. Powered by the Rivana™ – the Artificial Intelligence Engine Purpose-Built for Finance and the Freeda™ Digital Assistant, HighRadius enables teams to leverage machine learning to predict future outcomes and automate routine labor-intensive tasks. The radiusOne™ B2B Collaboration Network allows suppliers to digitally connect with buyers, closing the loop from supplier receivable processes to buyer payable processes. HighRadius solutions have a proven track record of increasing operational efficiency through automation, optimizing cash flow, reducing days sales outstanding (DSO) and bad debt, so that companies may achieve strong ROI in just a few months.
Similar Jobs
View All Similar Jobs


Walkin for you