Senior Manager – Application Security
Job Details
Job Title: Senior Manager – Application Security
Department: Cyber Security
Reporting to: CISO
Location: Ahmedabad
Job Objective
To support the CISO in effective governance of the cyber security department
To support and monitor all ongoing cyber security projects in ensuring timely delivery and closure
To support cultivation of strategic relationships with partners through effective partner engagement
Roles and Responsibilities
Strategic Roles & Responsibilities
CISO STRAP
Support CISO by collating and providing inputs to define the operating plan for cyber security
Establish and share guidelines for budget preparation with businesses; Collate group cyber security budget by consolidating budgets from each department/business and budgeting for group-level initiatives; Consult CISO and seek approval to finalize budget
CISO Performance Metrics
Based on guidance from the CISO, establish key performance indicators to effectively measure the cyber department's performance
Enable thorough measurement of the success of activities by implementing appropriate frameworks
Governance & Compliance
Provide inputs to define cyber governance frameworks and establish governance systems, processes and control systems
Continuously monitor and ensure adherence to defined governance protocols
Track and monitor adherence to defined budgets; Provide guidance or action plan to overcome deviations if any
Committees and Councils
Define structure, composition, frequency of meetings and objectives of different governance committees in consultation with CISO
Ensure that committees convene as per the prescribed timelines to evaluate initiatives and projects undertaken; Participate in governance committees to share insights from a governance perspective
Vendor-Partner Management and Engagement
Manage vendor-partner identification, evaluation, selection and contracting processes for critical projects at the group level to support the CISO
Collaborate with cyber departments to articulate the RFP and share it with the identified partners
Support CISO to evaluate Cyber services partners based on capability, market presence and strength of their commercial proposals
Articulate and finalize contract in concurrence with the CISO, concerned departments and partner; define scope of work, project RACI and SLAs
Track partner performance to ensure project delivery in line with expected quality, timelines and budgetary considerations, and address non-performance; Conduct regular partner performance reviews based on project criticality
Manage escalations related to partner (non)performance, scoping issues, partner pay-outs
Cultivate strategic relationships with partners and effectively leverage them for value additions to company
Engage with partners on a frequent basis for a win-win relationship; Facilitate organization of capability road shows/ POCs by partners to increase partner engagement with the organization
Project Governance, PMO and SLA Assurance
Review processes for effective program management of Cyber Projects; Classify projects into different categories based on project size, duration, complexity and criticality to establish project governance levels
Maintain oversight over fulfilment of project expectations (in terms of timelines, budget and quality) and adherence to defined SLAs; Conduct exhaustive reviews at pre-established critical project milestones
Ensure timely completion of projects within allocated budgets and with quality outcomes
Review applicable SLA frameworks and accordingly determine KPIs to comprehensively track different project elements
Support CISO in evaluating costs and risks to determine optimal SLAs, terms and conditions and consequences for the project
Operational Excellence and Review
Report service level attainment results and provide inputs on improvement opportunities
Implement continuous process improvements for Cyber operations and benchmark them with industry standards
Customer Feedback
Drive customer feedback collection for cyber services and solutions; Define tools & techniques to capture and analyze customer feedback
Analyse customer satisfaction levels and support CISO to identify measures to improve customer satisfaction levels based on feedback received
Job Profile
Educational qualifications:
Bachelor’s in Computer Science or a related IT discipline.
Advanced educational qualifications, such as an MBA in Information Systems or a related field.
One or more of the following certifications: Certified Information Security Manager (CISM), Certified in Risk Management and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), Certified Information Systems Security Professional (CISSP).
Experience:
8-13 years of experience
Experience in VAP Penetration testing, mobile application testing and thick app testing
Knowledge of Risk Assessment Framework
Mandatory certification: OSCP, OSCE or OSWE