Security Operations Manager - Vulnerability Management

Job Description

Req ID:479817

Joining us meansjoininga truly global community ofmore than38 900 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact.

Security operations Manager is also expected to manage the metrics program, assist in managing Securityoperations and lead improvement programs within the security function. Security Operations Manager will work closely with Technology and Solution Architects, DS operations and business teams to manage overall security of the organization.

OVERALL PURPOSE OF THE ROLE:

The primary responsibility of the Security Operations Manager is to ensure security Vulnerabilities are scanned/prioritized and remediated working with right stake holders. The security manager will work closely with Design Authority, Solution Architects, IS Design, IS&T operations and business teams to manage security of the organization

RESPONSIBILITIES:

• Experience performing vulnerability Management, prioritization based on critialicality and exposure/expointationand work closely with stake holders to remediate Vulnerabilities.
• Responsible for day to day operations of VM service, including management of partner resources
• Responsible for integrating SNOW modules to allocate vulnerabilities to right stake holders
• Feasibility engagements with business groups to ensure security requirements are discussed and incorporated early in the process.
• Assesses risks and identifies issues and solutions to timely and efficiently achieve program goals or project objectives while maintaining security standards.
• Maintain an awareness of business, technical, architecture, infrastructure, and end user support issues and act as sounding board to aid in the development of creative solutions
• Uses judgment in data analysis to develop and design solutions.
• Develop and maintain measurable security metrics program Assess performance to ensure that it meets the present and future needs of the business.
• Support business needs in developing and maintaining service and dashbaords and features and work with other stake holders like network and systems requirements in accordance with security standards
• Responsible for management of information security strategy, solutions, and ongoing technology refresh and enhancements
• Analyze vulnerability management reports / external threats and recommend remediation actions based on application risk profile and environment.
• In-Depth understanding of various information VMtools and technologies like Qualys, Nessus, Skybox etc
• Develop and validate related flows matrices and configuration standards for each provided technology with support of provider.

• To be considered for this role, candidate need to demonstrate the following skills experience and attributes:
• Bachelor's/Master's degree in Engineering/Technology or related field
• Minimum 8-12years of relevant IT experience
• Hands-on experience with one of the major SIEM platforms in use i.e Splunk, QRadar, Arcsight
• Experience performing security monitoring and incident response and triage work in a 24/7 environment.
• Professional industry standard certifications like CISSP, CEH, GIAC, CISM, etc. will be an added advantage
• Experience with various IT / Security technologies - including, Active Directory, DNS, Messaging, Firewalls/ VPN Gateways, IPS, Proxy, WAF, PKI, IAM, etc.
• Proficient hands-on experience and understanding of various security tools and technologies.
• Exposure to forensic lifecycle process including securely acquiring the image, analyzing it and extracting the relevant data as per the investigation requirements
• Must understand and have worked in the security operations centre for minimum of 4- 6years
• Demonstrated leadership experience in the area of Security Operations
• Good understanding of tools like CyberArk, PingIdentity, Sailpoint, Qualys, Veracode, Nessus, Skybox, SecOps
• Experience in an operational role working directly with internal and external customers, trouble ticketing systems, and incident management
• Solid understanding of ITIL process framework
• Proven planning, prioritization, and organizational skills
• Demonstrated drive for continuous learning, results-orientation, and teamwork
• Ability to drive change through innovation & process improvement
• Ability to manage projects and drive action items with customers and cross-functional peers
• Proven crisis management skills
• Professional & concise communication (written & verbal)
• Ability and flexibility to adapt to change, including shifting and competing priorities
• Demonstrated ability to be a big picture thinker, strategist, and long term planner
• Strong analytical skills with demonstrated problem solving ability.
• Project management skills with a proven ability to design workable solutions will be an added advantage.
• Exposure to ISO 27002 and ISO 27005

An agile, inclusive and responsiblecultureis the foundation of ourcompanywhere diverse people are offered excellent opportunities to grow, learn and advanceintheir careers.We are committed toencouragingour employeesto reach their full potential,while valuing and respecting them as individuals.