AddressRole : Information Security Manager is responsible for developing and managing Information Security Systems, Cyber Security, including disaster recovery, database protection and software development. Manage IS security analysts to ensure that all the Enterprise applications are functional and secure. Being an Information Security Manager develops and delivers IS security standards, best practices, architecture and systems to ensure information system security across the enterprise. Implements procedures and methods for auditing and addressing non-compliance to Information Security standards. Additionally, the Information security manager migrates non-complaint environments to complaint environments.
1) Analyze IT - infra specifications to assess security risks.
2) Performed the internal/external Audits and close the security gaps.
3) Design and implement safety measures and data recovery plans.
4) Secure networks through firewalls, password protection and other systems.
5) Responsible for establishing communications bridges and meetings in support of efforts to remediate support
6) Issues with antivirus and anti-malware systems.
7) Ensures work is compliant Information Security policies, procedures and the local business plan.
8) Responsible for developing and recommending the best course of action based on solid security principles.
9) Responsible for monitoring and reviewing logs from a variety of sources in support of security and incident response operations center.
10) Provide advice and assistance to operational teams related to their Security operations Management.
11) Responsible for analyzing potentially malicious programs and software using a variety of tools to identify indicators of compromise (IOCs) that can be used in protective security systems.
12) Management of Internal controls for segregation of duties, authorization, documentation requirements, and written processes and procedures. Internal audits seek to identify any shortcomings in a company's internal controls.
13) Review the Process and Security KPI metrics of Vendor/Partner. 4) Cloud network - Direct Connect, VPN, status, reachability, etc.
14) Co-ordination with ISP, vendors, internal stakeholders
15) Daily operations & SLA management for Compliance
16) Co-ordination between network operations & Network security team
17) Monthly MIS and review
18) Incident Management
19) Build physical and logical firewalls to protect network infrastructures.
20) Monitor software for external intrusions, attacks, and hacks
21) Work independently or as part of a team as needed.
22) Maintain the license for security requirements.
23) Monitor anti-spam technologies and have knowledge of email, DDoS, intrusion detection system, vulnerability scanning and network access controls.
24) Data requirements for Security and compliance.
25) Governance and do implement Network Security and mechanisms to protect information.
Skill :
- Basic Infrastructure administration and management
- Project Management
- Analytical and Structural thinking.
- Management of Multiple OEM's & Vendors in large complex environments.
- Network LAN & WAN: Routing & Switching
- Knowledge on SD-WAN
- Network Security: Firewall Devices - Fortinet, ASA, Checkpoint, AWS Firewall, Sophos, Sonic
- Network Security: ACL's Web filtering, URL filtering, Proxy
- Load Balancers
- IT Audit & Compliance
- Strong IT skills including knowledge on hardware, software, networks, and data centers
- Skills of perception and QA, ability to identify vulnerabilities and overall issues.
- Practices and methods of security architecture, enterprise architecture and IT strategy.
- Security architecture definition and development.
- Security concepts related to routing, DNS, VPN, authentication, DDOS mitigation technologies/tools and proxy services.
- Firewall and other security tools and technologies.
- Information assurance
- Virtualization/VMware
- Active Directory
- ISO27001/27002, COBIT and ITIL frameworks.
- Compliance-Related Skills: HIPPA, PCI.
