
- Monitor and respond to security incidents, vulnerabilities, and threats in real time.
- Conduct systematic risk assessments of the current infrastructure periodically to identify risks, control gaps, and gaps in security configurations. Prepare a risk register to track the risks and improve controls.
- Design and implement security systems, including firewalls, encryption protocols, and intrusion detection systems (IDS/IPS).
- Manage security tools such as SIEM, endpoint protection (EDR), DLP, and other security solutions.
- Develop and enforce security policies, standards, and procedures across the organization.
- Prepare hardening baselines for OS, network equipment, security equipment, DBMS, and any other systems that require baselines.
- Coordinate with internal and external auditors to perform regular audits and ensure compliance with regulatory frameworks (e.g., ISO 27001, NIST, etc.).
- Provide training and awareness to employees on cybersecurity best practices. Collaborate with IT teams to secure cloud, on-premise, and hybrid environments.
- Prepare detailed reports on security incidents and recommend improvements.
- Prepare IT-related compliance reports pertaining to compliance with regulatory frameworks like CSCRF, Cloud Framework, etc.
- Prepare cyber crisis management plans and cyber playbooks, and develop plans to deal with any cyber security crisis.
- Coordinate with external agencies to get VAPT testing / remediation done to meet compliance requirements as well as internal mandates.
- Work with the SOC / SIEM providers to optimize the scenarios configured in these tools to get proper real-time information on cyber incidents.
- Implement, monitor, and improve security controls like PAM, Dark Web monitoring, Attack Surface Management, etc.
- Perform periodic compliance checks mandated in the Security Manager's role, like access audits of various systems, privileged system access audits, etc.