SIEM, SOAR, EDR, XDR, SAST, DAST, SCA, ASPM Platforms, Penetration Testing & MITRE ATT&CK, Vulnerability Management (Qualys, Tenable, Rapid7), EPSS, KEV, CSPM, CNAPP, CIEM, IaC Scanning (Checkov, Terraform), .NET, IAM, PAM, IGA, Data Security & DLP, AI Security Guardrails, Secure SDLC, Encryption, Network Security, Zero Trust
Description
GSPANN is hiring a Security Delivery Manager to lead end-to-end enterprise security operations and programs. The role focuses on SOC operations, application and cloud security, vulnerability management, and driving measurable risk reduction across modern technology environments.
Location: Gurugram / Hyderabad
Role Type: Full Time
Published On: 23 December 2025
Experience: 12 - 15 Years
Role and Responsibilities
- Operate and continuously improve a 24/7 Security Operations Center (SOC), covering alert triage, incident response, escalation management, and playbook development.
- Conduct post-incident reviews and root cause analysis, integrate threat intelligence feeds, and run purple team exercises aligned to the MITRE ATT&CK framework.
- Optimize detections to reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), while maintaining operational dashboards and leading weekly and monthly performance reviews.
- Implement and govern Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Dynamic Application Security Testing (DAST) within CI/CD pipelines.
- Enforce security policy gates, manage Application Security Posture Management (ASPM), and track remediation SLAs and exploitability metrics.
- Build threat models using STRIDE and LINDDUN, and manage security controls across GitHub and GitLab.
- Plan and execute penetration testing across web, API, mobile, cloud, and network assets.
- Lead red team and purple team exercises, and manage risk-based vulnerability programs using CVSS, EPSS, and Known Exploited Vulnerabilities (KEV).
- Oversee attack surface management, asset inventory hygiene, patch orchestration, and exception governance.
- Establish AI/ML security controls, including prompt injection defenses, data leakage prevention, adversarial testing, and model integrity validation.
- Define usage policies for internal and external Large Language Models (LLMs), and implement logging, monitoring, and guardrails aligned with privacy requirements.
- Manage Cloud Security Posture Management (CSPM), Cloud-Native Application Protection Platforms (CNAPP), and Cloud Infrastructure Entitlement Management (CIEM) across Azure, AWS, and GCP.
- Implement Kubernetes and container security, Zero Trust architectures, Infrastructure as Code (IaC) scanning, secrets management, and cloud hardening baselines.
- Develop cloud-native detection strategies and workload protection controls.
- Enforce identity and access controls, including least privilege, Multi-Factor Authentication (MFA), Role-Based / Attribute-Based Access Control (RBAC / ABAC), and Privileged Access Management (PAM).
- Manage joiner, mover, and leaver lifecycles, data classification, encryption, and Data Loss Prevention (DLP) programs.
- Align the security program with ISO 27001/27002, SOC 2, PCI DSS, and HIPAA (if applicable).
- Maintain risk registers, oversee control testing, support audits, manage remediation tracking, and handle security RFP/RFI responses.
- Own the security services roadmap, quarterly OKRs, and budget management.
- Manage vendors and Statements of Work (SOWs), prioritize initiatives aligned to business goals, and lead war rooms for Sev-1 incidents.
- Translate security metrics into executive dashboards and provide proactive guidance to product and engineering teams.
Skills And Experience
- Bachelor's degree in Computer Science, Engineering, or equivalent; a Master's degree is preferred.
- 12-15 years of experience in cybersecurity, with 6+ years leading SOC, Application Security, DevSecOps, or Vulnerability Management programs.
- Strong hands-on experience across cloud security (Azure, AWS, GCP), Kubernetes, containers, microservices, and modern CI/CD platforms.
- Industry certifications such as CISSP, CISM, CRISC, OSCP/OSWE/OSCE, CEH, CCSP, AZ-500, AWS Security Specialty, ISO 27001 LA/LI, or PCI ISA/QSA are desirable.
- Excellent leadership, stakeholder communication, executive reporting, vendor management, analytical problem-solving, and change management skills.