Cyber Security Role - Life Insurance (5-10 yrs)
Hiring for one of my Life Insurance client
Role involves the system implementations, adoption and testing of new processes and procedures which improve the security and robustness of the IT Infrastructure and associated IT Platforms.
- Provide technical expertise for information security policies, standards & operations
- Managing and hand-on experience on Perimeter Security components which includes management of Firewall, Network Intrusion Prevention System (NIPS), Web Application firewall (APT) solutions, VPN, Proxy solution, email gateway
- Managing and hand-on experience on endpoints Security components which includes management of Anti-Malware, EDR, Encrytion, DLP
- Managing and hand-on cloud security which includes AWS WAF, Advance shied, ACLs, Security groups, VPC, Identity & Access Management, AWS inspector & cloud trial
- Configuration Security hardening across IT Infrastructure platforms (such as Servers, Storages, Network, Network devices and Endpoints.)
- Provide security assurance & remediation of Security Incidents to minimize adverse impact
- Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives
- Creation of reports, dashboards, metrics for IT Security Operations
- Establish and maintain operational SOPs for all responsible areas and technologies
- Perform regular status reviews with IT Infrastructure asset owners & senior leadership to ensure compliance with InfoSec policies
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Person should have very strong expertise on Palo Alto/checkpoint firewall, Mcafee NIPS, F5 WAF, GTM/LTM, Mcafee EPO, Cisco ISE, Forcepoint proxy/email gateway
- Knowledge of various operating system flavours including but not limited to Linux (RHEL & OEL) Windows, Unix
- Knowledge of applications, databases, middleware to address security threats against the same.
- Sound experience in vendor management
- Maintaining current knowledge and understanding of the threat landscape and emerging security threats and vulnerabilities
- Exposure to Ethical Hacking tools such as Nessus, Qualys, Nexpose, Vulnerability Assessments Tools for Network, Host, Applications, Endpoints etc.
- Provide escalation Support on critical issues on IT Security solution platforms
- Lead change, incident, and problem management for IT Infrastructure Security including creating change requests, incident Reports and Root Cause Analysis (RCA) reports.
- Responsible for asset management, inventory tracking and support contracts related to Infrastructure Security function
- Provide L3 / L4 Support on IT Infrastructure Security issues and Conclude RCA
- Provide Project management support on the IT Infrastructure Security solutions planned for the function
- Responsible for monthly service review with KPI and SLAs and publishing matrixes
- Responsible for implementation, execution, and effectiveness of vulnerability management program to achieve 100% defects closure