Job Description

In today's age securing the confidentiality, integrity and availability of information assets has become a mandatory role for any IT organization. We are looking for Information Security Manager who possess deep expertise in the security space, to govern the policies and harden IT Systems (which contain highly sensitive data) from attacks

Responsibilities

• Developing and maintaining the information security policy and a supporting set of specific policies, ensuring appropriate authorization, commitment and endorsement from senior IT and business management.
• Communicating and publicizing the information security policy to all appropriate parties.
• Ensuring that the information security policy is enforced and adhered to.
• Be responsible for the implementation and management of security-related applications and systems,
• Lead planning and/or end-to-end implementation of Single Sign On (SSO) and Identity Access Management (IAM) projects or deploying and customizing security technologies/solution.
• Identifying and classifying IT and information assets (configuration items) and the level of application & data security control and protection required.
• Assisting with business impact analyses.
• Performing security risk assessment and risk management in conjunction with availability and IT service continuity management.
• Designing application & data security controls and developing security plans as well as executing technical solutions (or introduce tools) to achieve the plans.
• Developing and documenting procedures for operating and maintaining security controls.
• Monitoring and managing all security breaches and handling security incidents, taking remedial action to prevent recurrence wherever possible.
• Reporting, analysing and reducing the impact and volumes of application & data security incidents in conjunction with problem management.
• Promoting education and awareness of application & data security.
• Maintaining a set of security controls and documentation, regularly reviewing and auditing all security controls and procedures.

Requireent

• BS Degree in Computer Science, Information Technology or similar field;
• Minimum 5 years of experience in application security;
• Strong problem-solving skills and ability to work under pressure;
• Knowledgeable in security test methodologies (such as OWASP), Hardening, Penetration Test and Vulnerability Assessment etc.
• Hands on experience with SSO, IAM, application / web application development, API and security architecture/solution.
• Certification in CISSP/CISM/CISA or ISMS ISO 27001 will be an advantage;