Crisil - Manager - Information Security Operations

Role / Designation: Manager - Security Operations

Job Level: 12A

Job location: Mumbai

Employment type: On-Roll

Reporting Manager: Chief Information Security Officer

Accountabilities:

1. Responsible for identifying the need for technology security controls to adequately protect the perimeter, server farms, end points, cloud, API and other gateways that open to the external world

2. Identify, evaluate, implement and operationalise necessary security controls through tools and practices. The tools include, but not limited to, AntiVirus, Anti Malware, Anti APT, EDR, DLP, IRM, MDM, DDoS protection, Proxy, IPS, Cloud security controls etc.

3. Architect and rollout NextGen Big Data SIEM and Analytics Platform, Responsible for maintaining, upgrading Security Operations Center, Incident Response, Ensure maturity of the SOC and ensure visibility of all threats, Adapt frameworks and standards for effective SOC design, implementation and deliverables

4. Keep abreast with country specific cyber threats through maintaining close work relationship with regulatory agencies and CERT, attend RBI's cyber events & trainings

5. Ensuring timely conduct of Security Assessments program including Vulnerability Assessment, Configuration Assessment, Penetration Testing and Application Security, Organize Red Team and blue team exercises, Responsible for Decoy defense initiatives

6. Ensure CRISIL is adequately protected from all kinds of known threats, by implementing the right mix of technologies and processes, in the most cost effective way, and all the deployed tools are utilised to the fullest

7. Ensure Audit and Compliance issues are closed for Cyber security domain in a timely manner

8. Responsible for managing vendors who support for various tools and services, ensure timely and meaningful vendor reviews, SLA assurance and management

9. Ensure Tech Sec dash boarding and reporting with highest levels of integrity to portray the correct cyber security posture of CRISIL to the top management

Education / Experience / Other Information:

- Bachelor degree in Engineering or Graduation in Computer Science degree or equivalent degree

- 10-12 years- experience in information security, cybersecurity, technology security management in large multinational financial / technology institutions environment

- CISSP, CEH, OEM certifications etc will be an advantage.

- Hand-on experience on implementation/configuration / troubleshooting of various Tech Sec tools, SIEM/SOC, VAPT, Red teaming exercise,

- Excellent verbal and written communication skills.