Ensure end-to-end security of applications, data, and infrastructure across web and server environments.
Maintain and enforce robust access control mechanisms, authentication protocols, and secure configuration baselines.
Conduct and coordinate regular security audits and ensure adherence to applicable compliance standards and policies.
Manage and oversee STQC certifications in line with guidelines from the Government of India.
Coordinate with CERT-In empanelled security auditors to conduct security audits of websites, portals, and systems.
Address and resolve vulnerabilities identified in Vulnerability Assessment (VA) reports (every 3 months) and Penetration Testing (PT) reports on an ongoing basis.
Ensure timely resolution of all security vulnerabilities flagged by CERT-IN, NIC, and other government bodies.
Develop and maintain SOPs for cybersecurity issues, including incident response plans, monitoring protocols, and mitigation procedures.
Recommend, implement, and manage security tools and technologies to counter potential threats.
Regularly assess and validate application security configurations and maintain a compliance repository as advised by NIC.
Stay updated on emerging cybersecurity threats and update the organizations defense mechanisms accordingly.
Provide expert advisory and periodic reports to ministry and leadership teams on security health and improvements.
Skills And Qualification
Minimum of 10 years of proven experience in cybersecurity, network security, or information security roles.
Strong knowledge of cybersecurity frameworks, standards, and regulations relevant to Government of India projects.
Hands-on experience with VA/PT tools, SIEM, firewalls, IDS/IPS, and endpoint protection platforms.
In-depth understanding of server security, web application security, and secure coding practices.
Experience coordinating with CERT-In auditors, NIC, or STQC.
Excellent analytical, troubleshooting, and documentation skills.
Certifications such as CEH, CISSP, CISA, CISM, or equivalent are preferred.
