jobseeker Logo
Now Apply on the Go!
Download iimjobs Jobseeker App and get a seamless experience for your job-hunting
04/09 HR
Manager HR at Emeritus

Views:580 Applications:91 Rec. Actions:Recruiter Actions:11

Emeritus - Manager/Senior Manager - Information Security (8-12 yrs)

Mumbai Job Code: 845935

The Opportunity :

- Build, deploy, maintain, and enforce information security risk management standards, policies, and procedures to maintain and enhance the compliance posture within RapidAPI

- Work along with the CIO for the customer, partner, and vendor InfoSec audits and risk assessments, communicate results to information security stakeholders or business partners and ensure remediation of outstanding issues

- Perform internal risk assessments and analysis to identify opportunities to improve risk posture, and develop solutions for remediating or mitigating risks and assessing residual risk

- Anticipate new security threats and stay-up to date with the evolving industry, regulatory, and legal requirements relevant to security, compliance, and privacy

- Monitor security vulnerabilities, threats, and events in network and host systems

- Develop strategies to handle security incidents and coordinate investigative activities to promote a culture of information security throughout the organization, providing subject matter expertise, guidance, and training

- Prepare financial forecasts for security operations and proper maintenance cover for security assets

- Prioritize security projects based on costs, benefits, resources, and alignment with business goals

- Execute regular Information Security Audits to ensure compliance with existing Information Security policies and identify areas for improvement

- Responsible for conducting regular VAPT tests over the on-premise as well as the cloud infra

- Responsible for maintaining and creating information security processes and procedures

Necessary Skills and Experience :

- 8-12 years of experience with Information Security or related field

- Strong knowledge of security risk management frameworks including related regulatory compliance requirements (e.g. NIST CSF & 800-53, ISO27001, SOC, HITRUST, HIPAA, FedRamp, PCI, GDPR)

- Has led and built audit and InfoSec compliance frameworks

- Demonstrated understanding of qualitative vs. quantitative risk management to determine, evaluate, and report on technology risk levels at the project and enterprise level

- Strong oral and written communication skills with the ability to communicate complex concepts in simple terms for key stakeholders

- Ability to manage security on cloud platforms like AWS, GCP & Azure

- 5-7 years of experience in working with any leading SIEM tools like Splunk, Sumologic, Cloudflare Qradar, LogRhythm, ArcSight, etc.

- Experience in other security applications in the areas of EDR, Proxy, DLP, IDS, IPS & endpoint security

Beneficial Skills and Experience :

- Industry certification in IT Security preferred (e.g. CISSP, CISM, CISA, SANS) 

- Demonstrated experience of working in a cloud IT environment and cloud product offerings with experience in driving SOC2 and NIST certifications for customer-facing environments

Women-friendly workplace:

Maternity and Paternity Benefits

Add a note
Something suspicious? Report this job posting.