Lead-Cyber Defense Center

Job Requirements

Role/ Job Title: Lead-Cyber Defense Center

Function/ Department: ISG

Job Purpose

The objective of the role is to manage & lead 24 x 7 Cyber Security Operations (Commercial SOC), Managed IT Infrastructure, Implement Standards, Policies & Procedures, Threat Hunting, VAPT, Incident Response & Resolution, Root Cause Analysis & Digital Forensic Investigation,

Roles & Responsibilities

• Manage & lead 24 x 7 Cyber Security Operations (Commercial SOC), Managed IT Infrastructure, Implement Standards, Policies & Procedures, Threat Hunting, VAPT, Incident Response & Resolution, Root Cause Analysis & Digital Forensic Investigation.
• SIEM Implementation, onboarding new devices, fine tuning, Correlation, AI Engine, Log custom parsing, use case creation, Web UI Optimization.
• Incident Management process design, implementation & automation of Alerts, Notifications, Incidents, Security Breaches & Cyber Security Best Practices using EDR, MDR, UEBA, SOAR solutions.
• Lead the IT Security Transformation Program & Remediation Program to address Risks across AV, patching, secure build, vulnerability scanning, Incident Management, Threat Management.
• Conduct Gap Assessment and subsequently provide remediation / solution in strategizing & designing IT Security Governance Frameworks, Processes & Controls.
• Assess the Identity & Access Management (IDAM) & Privileged Access Management (PAM) solution, design, practices to improve JML processes and Recertification Program
• Design, implementation & review Security & Compliance Policies, Procedures, Standards & Controls in-line with Central Bank Regulations, CSI benchmarks (SANS), ISO27001, NIST, CREST, etc.
• Review & implementation of Data Privacy & Protection controls as part of GDPR, HIPAA Policy Compliance that ensures confidentiality and security of customer, employee or patient data.
• Design, implementation & review of IT Resilience Program for effective IT DR & BCP by ensuring detailed Business Impact Analysis (BIA) & Risk Assessment.
• Rollout Cyber Security Awareness Program to Executive Level and wider Organization
• Review secure architecture designs, analyze effective solutions, monitoring & review of emerging mobile device platforms (iOS, Android), Cloud Services (IaaS, PaaS, SaaS), Big Data, social media, OT & CS (SCADA) using TOGAF / SASBA.
• Responsible & accountable for 99.9 % uptime & Business-As-Usual Operations of security Operations.
• Formulate the long-term security Strategy in alignment with overall mission & strategic direction of the Bank by constantly keep a connect with new developmental trends globally that merit business impact.
• Plan, validate design & implement IT Security standards & Governance to enhance business processes by mitigating Risk.
  
  

Secondary Responsibilities

• To act as head of CDC in absence of CDC, to manage VA / other functions in absence of respective leads unavailability.
  
  

Managerial And Leadership Responsibilities

• People, Talent Retention, Timely completion of Projects, Compliance with SLAs.
• Training.
• Mentoring.
  
  

Education Qualification

Graduation: BE/BTech/ BCA/ BSc. / B - IT or similar (Preferred). Other graduates can also apply if they have relevant experience/ certification in IT, Technology, Information Security etc.)

Post-graduation: MCA/ M Tech/ MSc or similar (not mandatory)

Experience: 14+ (Experience can be less basis merit and relevant experience/ certification).