Address
Form of workJob Description - Cyber Security Manager As a Cyber Security Transversal Manager (FSM, SPS and AVM teams), following are his / her missions: - - Manage Team with expert functional knowledge of Cyber Security or information security processes with moderate to expert domain knowledge - He /She should have good understanding, work experience on Cloud Security Management (Min 4 years) and extensive cybersecurity knowledge. - He /she should understand the team's challenges / concerns and work with management and other stakeholders to provide a solution. - As a CyberSec manager your role is to make the benefits clearly visible and to champion all efforts moving forward. - Have clear understanding on Cyber Sec and respective departments vision and define clear roadmap for team to achieve targets effectively and efficiently. - He /she should have the potential to articulate security requirements around different domains (Cloud, VAPT, Risk Management) to the team, management and define clear objectives. - Attend and support the weekly Operational, Steering and Strategic committee meetings. Follow up actions on weekly/ bi-weekly calls. - Connect and coordinate with different teams (Controls deployment, GTS COE, Application team, GTS, DevOps, etc) and track our Requests - Control and mentor team on optimization of TnC deployment, maintenance, and alert management. - Conduct independently Weekly SecOps Meeting and coordinate with counterparts across departments. - Ensure seamless presentation to Senior Managements. Cybersec communities and other stakeholders on Security topics (Cloud, TnC, VAPT) with good understanding on the expectation on senior management requests - He / She should liaison regularly with Streams leads, Manager, CISO and other Stakeholders and have pertinent knowledge with vision, roadmap and risks on requirements/topics. - Good to have AWS/Azure Certification, Devops, VAPT Knowledge. - Assist in building technical capabilities, strategic roadmaps and team competencies based on priorities and policies of Group and GSC - Stakeholder management and relationship building with technical counterparts - Good to have knowledge on CNAPP/ Cloud Identity and Entitlement Management (CIEM)/ multi cloud - Expert knowledge on offensive security and VAPT to help and improve the technical part of the operations with in AVM. - Build a bridge between AVM Lead and other business heads and Security champions to understand the priorities for the respective business units with respect to AVM Activities - Expert guidance to drive technical POC’s and automations. - Recurring interaction with AVM team to understand pain points and to motivate team. Provide cascades from senior management on regular basis. - Expert knowledge on Burp suite, SAST and DAST tools - Expertise on DevSecOps, OWASP top 10 vulnerabilities and various industry standard practices on VAPT. - Provide required support to understand groups objectives on new initiatives / activities around security tooling (SonarQube/Secret scanning, etc..). This will help us to prepare clear roadmap and execute. - Provide guidance, mentoring, coaching to eliminate identified manual / redundant activities and to prepare strategy to improve team’s efficiency. - Good knowledge on application vulnerabilities to challenge auditors and developers to validate and take them to closure. Additional Responsibities as Transversal Manager - To support the IT projects of the central departments and sub-divisions in order to identify the business issues of information protection and the associated security requirements. - Accountable for producing, implementing and regularly updating the required process documents, policies and procedures around Cyber Security - To lead and carry out Application Security assessments, Security Recommendations for IT Applications, and new projects under Central departments - Work in collaboration with Functional Head/ Unit Head, cybersecurity experts and SMEs to design and transform cyber capabilities and controls on time to time basis - Responsible for delivery and management of Application security management, risk operations for one or more teams / processes - Support the implementation of new regulatory programs / controls and evaluating projects / applications against Cyber Security controls as and when required - Responsible for people management, mentoring and development of talent - To carry out risk analyses and to identify remediation plans - To present residual risks to the various project stakeholders for acceptance. - Monitor Regulation compliance. Define, implement and bring awareness on security standards associated with specific Global, regional and local regulations - Work closely with key stakeholders and team to regularly audit the policies and controls put into place - Should have the Excel - Macro and scripting skill. - Good to have MS Access skill. Profile Required ● Around 15+ years of experience in the field of IT security with extensive knowledge on Application Security, Security and Risk Management, Security Assessment and testing along with Software development security to ensure we comply with Security by Design. ● CL 6 / 7 with Adept Knowledge of information security issues and above mentioned security domains. ● Be able to understand architecture issues in order to develop security policies or relevant recommendations on applications and projects. It is imperative to be able to discuss on an equal footing with the community of architects and project managers of the applications concerned. ● Knowledge of the job of IT application project manager. The expert's interlocutors are generally IT project managers. It is necessary to know their constraints, their ways of working, to understand their vocabulary. ● Guide, mentor and Implement improvements on process documents. Prepare documentation as and when required on technical subject related to Security. ● Basic awareness of any of digital technologies and Understanding of functional domain and business processes. ● Soft Skill : Excellent Communication skills, Assertive, Vocal, Decision Making Capabilities, Teamwork & Team-spirit Time Management and On-time Delivery, Leadership and team management capabilities ● Should have : Proper Work Ethics, Adaptability, Interpersonal skills; and Problem Solving Cabapilities. ● Education : B.Tech or equivalent degree in IT/Computer science. Cyber Security or Information Technology stream Additional Qualifiers – • Excellent presentation and analytical skills • Desired functional or domain certifications • Basic degree in Engineering or Masters in Information systems • Advance level of people management skills • Collaboration and Stakeholder management skills Additional Skills (Nice to Have) : ● Security Certificate such as CEH, GISF, SSCP, CISSP ● Worked on Application Security, Software development security, Risk Analysis and Security Recommendation. DB Security Testing. Derogations etc, ● Development knowledge. Worked in SDLC. ● Expertise in Assessment / development of Rest web services and APIs ● Experience in working on projects in Agile Methodology ● French Language – A1/A2 DELF certified. Writing and Speaking skills. Specific Context Additional Skills
