Job Description

Job Summary
As a cybersecurity manager, you'll develop and oversee the implementation of our firm's cybersecurity strategies. You will be crucial to protect our company's digital assets, ensure compliance with security standards, and mitigate risks. You will also make sure our information assets and technologies are adequately protected from current and emerging threats.
The role demands a seasoned professional with 12-15 years of core experience in cybersecurity operations, governance, and engineering. Familiarity with IoT security and DevSecOps methodologies is desirable and will be considered a distinct advantage.
Key Responsibilities
Daily Security Operations:

• o Administer and optimize cybersecurity solutions including Antivirus (AV), WAF, Email Security Gateways, DLP, MAM (e.g., Intune), PAM, and other security tools.
• o Handle day-to-day security events, log analysis, and escalation procedures through Incident Response processes.
• o Coordinate with stakeholders during major security incidents and ensure post-incident reporting and root cause analysis.
• o Integrate security controls and vulnerability scanning
• o Manage vulnerabilities & implement security controls, prepare priority vulnerability report and coordinate with cross functional teams.
• o Plan and deliver regular awareness sessions and workshops across the organization to promote a security-conscious culture.
• o Conduct phishing simulation campaigns and evaluate employee awareness metrics.
• o Prepare engaging training material customized for technical and non-technical audiences.
• o Daily manage security incidents and coordinate with cross functional teams for incident response.
• Improvement and optimization:
• o Fine-tune detection rules, policies, and configurations across all security solutions to reduce false positives and enhance detection accuracy.
• o Secure cloud workloads on platforms such as Microsoft Azure or AWS by applying industry's best practices.
• o Secure IoT/OT environments include asset discovery, segmentation, and access restrictions.
• o Participate in the design and implementation of new security technologies and tools.
• o Provide security consultation to IT and business teams for new projects and infrastructure rollouts.
• Process & Governance:
• o Review cloud architecture for compliance with security baselines and organizational policies.
• o Perform cybersecurity risk assessments and propose mitigation strategies based on risk appetite.
• o Contribute to ISO 27001 compliance efforts including internal audits, gap assessments, and policy reviews.
• o Support third-party/vendor security evaluations and ensure secure onboarding processes.

Required Qualifications

• o Bachelor's degree in computer science/BTech (Must) in the field of Cybersecurity/Information Systems/Information Technology or a related field.
• o 12-15 years of hands-on experience in the cybersecurity domain.
• Cybersecurity Certifications (Mandatory)
• o Required: Microsoft Certified: Security Operations Analyst Associate/Certified SOC Analyst (C|SA)/ CEH/CompTIA Security +
• o CISM/CISSP certified
• o ISO 27001 Lead Implementer or Lead Auditor

Tools Technical Skills knowledge

• o Email security: MIMECAST/Proofpoint/Barracuda
• o Antivirus: CrowdStrike/Sentinel One
• o Network Security: Palo Alto/Fortinet
• o Web application Security: Cloudflare or F5
• o Any Security Awareness Tool i.e. PhishRod etc.
• o In-depth knowledge of threat detection, incident response, and log correlation.
• o DevSecOps and CI/CD pipeline security
• o Cloud-native security tools (Azure, AWS etc.)
• o Email and endpoint protection solutions
• o IoT/OT security fundamentals
• o Cybersecurity risk assessment methodology and documentation

Soft Skills

• o Strong problem-solving and critical-thinking abilities.
• o Excellent interpersonal and presentation skills, especially in conducting training sessions.
• o Ability to work independently and collaboratively across technical and business teams.