Application Security

  • Ahmedabad, India

Job Description

Senior Manager – Application Security

Job Details

Job Title

Senior Manager – Application Security

Department

Cyber Security

Reporting to

CISO

Location

Ahmedabad

Job Objective

To support the CISO in effective governance of the cyber security department

To support and monitor all ongoing cyber security projects in ensuring timely delivery and closure

To support cultivation of strategic relationships with partners through effective partner engagement

Roles and Responsibilities

Strategic Roles & Responsibilities

CISO STRAP

Support CISO by collating and providing inputs to define the operating plan for cyber security

Establish and share guidelines for budget preparation with businesses; Collate group cyber security budget by consolidating budgets from each department/business and budgeting for group-level initiatives; Consult CISO and seek approval to finalize budget

CISO Performance Metrics

Based on guidance from the CISO, establish key performance indicators to effectively measure the cyber department's performance

Enable thorough measure of success of activities by implementing appropriate frameworks

Governance & Compliance

Provide inputs to define cyber governance frameworks and establish governance systems, processes and control systems

Continuously monitor and ensure adherence to defined governance protocols

Track and monitor adherence to defined budgets; Provide guidance or action plan to overcome deviations if any

Committees and Councils

Define structure, composition, frequency of meetings and objectives of different governance committees in consultation with CISO

Ensure that committees convene as per the prescribed timelines to evaluate initiatives and projects undertaken; Participate in governance committees to share insights from a governance perspective

Vendor-Partner Management and Engagement

Manage vendor-partner identification, evaluation, selection and contracting processes for critical projects at the group level to support the CISO

Collaborate with cyber departments to articulate the RFP and share it with the identified partners

Support the CISO in evaluating cyber services partners based on capability, market presence and strength of their commercial proposals

Articulate and finalize contract in concurrence with the CISO, concerned departments and partner; define scope of work, project RACI and SLAs

Track partner performance to ensure project delivery meets expected quality, timelines and budgetary considerations, and address non-performance; Conduct regular partner performance reviews based on project criticality

Manage escalations related to partner (non)performance, scoping issues, partner pay-outs

Cultivate strategic relationships with partners and effectively leverage them for value additions to the company

Engage with partners on a frequent basis for a win-win relationship; Facilitate organization of capability road shows/POCs by partners to increase partner engagement with the organization

Project Governance, PMO and SLA Assurance

Review processes for effective program management of cyber projects; Classify projects into different categories based on project size, duration, complexity and criticality to establish project governance levels

Maintain oversight over fulfilment of project expectations (in terms of timelines, budget and quality) and adherence to defined SLAs; Conduct exhaustive reviews at pre-established critical project milestones

Ensure timely completion of projects within allocated budgets and with quality outcomes

Review applicable SLA frameworks and accordingly determine KPIs to comprehensively track different project elements

Support CISO in evaluating costs and risks to determine optimal SLAs, terms and conditions and consequences for the project

Operational Excellence and Review

Report service level attainment results and provide inputs on improvement opportunities

Implement continuous process improvements for Cyber operations and benchmark them with industry standards

Customer Feedback

Drive customer feedback collection for cyber services and solutions; Define tools & techniques to capture and analyze customer feedback

Analyse customer satisfaction levels and support CISO to identify measures to improve customer satisfaction levels based on feedback received

Job Profile

Educational qualifications:

Bachelor’s degree in Computer Science or a related IT discipline.

Advanced educational qualifications, such as an MBA in Information Systems or a related field.

One or more of the following certifications: Certified Information Security Manager (CISM), Certified in Risk Management and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), Certified Information Systems Security Professional (CISSP).

Experience:

8-13 years of experience

Experience in VAP penetration testing, mobile application testing and thick app testing

Knowledge of Risk Assessment Framework

Mandatory certification: OSCP, OSCE or OSWE

Job Overview

  • Industry : Information Technology and Services
  • Country : India
  • Vacancy : 1
  • Job nature : Full Time
  • City : Ahmedabad
  • State : Gujarat