IT Risk Manager - Vulnerability Management

Key Responsibilities :

- Vulnerability Management: Use a variety of VAPT tools like Burp Suite, OWASP ZAP, Nessus, Nmap, and Postman to assess applications and infrastructure.

- Security Best Practices: Ensure adherence to OWASP Top 10, API Security best practices, and secure coding principles across all development teams.

- Configuration Reviews: Conduct secure configuration reviews for firewalls, servers, endpoints, and API gateways to minimize vulnerabilities.

- DevSecOps: Help integrate security into our development lifecycle, working with Dev and Infra teams to ensure secure deployments.

- Incident Response: Participate in incident response workflows using tools like Splunk or CrowdStrike, and assist in maintaining incident response plans.

- Documentation & Compliance: Write and maintain security documentation, including SOPs.

- Ensure awareness and adherence to regulatory standards such as the RBI Cybersecurity Framework, PCI DSS, and NIST.

- Risk & Audits: Conduct risk assessments, security audits, and third-party security evaluations.

- Collaboration: Work closely with cross-functional teams (Development, Infrastructure, and Compliance) to ensure a unified and secure approach.

Education :

Specialized Knowledge : IT Risk Management and Operational Risk Management

Skill Set (Must) : IT Risk Management, Regulatory Knowledge, technical knowledge, Audit & Compliance, Analytical Skills, Reporting Skills

Skill Set (Desired) : IT Risk Management, Regulatory Knowledge, technical knowledge, Audit & Compliance, Analytical Skills, Reporting Skills

Technical Skill : IS standards, Risk Assessment tools, IT Infrastructure knowledge, Cybersecurity Concepts, Data Loss prevention tools

Experience Range : 5+ years