Sr. manager - Technology Security
About IRIS Software :
IRIS Software Inc. is a professional software services organization that delivers high quality and cost effective solutions to businesses globally. Our customers include Fortune 100 businesses and mid-sized firms across Financial Services, Life Sciences, Logistics & Distribution and High Tech industries. We leverage best-of-breed technologies and flexible engagement models to deliver value for our customers' businesses.
We are a high growth setup with 4000+ people based out of our offices in India, US and Canada. We are strategic partners to over 25 of the Fortune 100 companies and our consistent strive to achieve the highest levels of customer satisfaction has translated into long-standing relationships and a preferred-partner status with many of our customers. Over the years, more than 90% of our customers have chosen to engage with us for repeat business.
IRIS is a quality and security focused organization. We have been appraised at Level 5 of the CMMI Institute's Capability Maturity Model (CMMI- ) and have been certified to ISO 9001:2015. Our Information Security Management framework is aligned and certified to ISO 27001:2013 and SOC2 Type II.
For more details visit us at
www.irissoftware.comRoles and Responsibilities :1. Optimize Cyber Security Program, Enterprise Security Architecture and Cyber Assurance controls.
2. Design and deployment of Technology security solutions across all layers - Application security, Network Security, Endpoint Security, End User Security, Identity & Access Management
3. Manage Security Operations Centre, Cyber Security Incident Management, Threat assessments and Over all Technology Security operations
4. Create Dashboards to visualise cyber posture and pinpoint areas of vulnerability. Ensure Benefits of cyber security solutions & controls are clearly visible
5. Maintain a Cyber Assurance program - Vulnerability Assessment and Penetration Testing, Application Security Enhancements (OWASP, DevSecOps), Evaluate new technologies and enhance Cloud Security Posture of IRIS, Cloud Security Posture Management
6. Manage Red Teaming - Blue teaming exercise, Cyber Security Drill, IT DR Tests on a perpetual basis
7. Technology Security Governance - Metrics and Reporting
Minimum qualifications :8. MBA - IT or Information Security/ MCA
9. CISSP & CEH ver 10 & above - Both good to have
Knowledge, Skills and abilities :Knowledge of:10. Technology Security Solutions - (NIPS, WAF, F/W, DLP, APT, XDR, DDOS, Email Security, IDAM, IRM, DAM, PIM/PAM etc.)
11. Vulnerability Assessment & Penetration Testing (Hands On)
12. Red Teaming Exercise
13. IT DR Drill
14. Managing a Security Operations Centre/ Managed Detection & Response
15. IT Security Operational activities
Skills in:16. Deployments of Technology Security solutions
17. Technology Security assessments - Network Security, Application Security, Server Security, End Point Security & Data Security
18. Cloud Security (AWS, Azure, O365) - Hybrid and Public
19. Security Operations Centre / Managed Detection and Response
20. IT Disaster Recovery and Data Privacy
21. Vulnerability Assessment & Penetration Testing
Ability to:22. Effectively communicate technical issues to diverse audiences, both in writing and verbally;
23. Apply a risk-based approach to planning, executing, and reporting on audit engagements and auditing process;
24. Evaluate and update and/or revise program materials;
25. Learn quickly and apply knowledge to new situations;
26. Handle sensitive and confidential matters, situations, and data;
27. Understand and follow broad and complex instructions;
28. Comprehend technical language and to confer, analyze and write in an objective, lucid manner;
29. Work independently and prioritize multiple tasks and adapt to needed changes;
30. Remain calm under high pressure/difficult situations.