Information Technology Security Specialist

WORK DETAILS

Location: SkyOne Corporate Park, Viman Nagar, Pune.

Working Days: Monday to Friday.

Work Timing: 0900h to 1800h.

Reporting to: IT Head.

POSITION DETAILS

Role Summary:

• You will work in coordination with the group Chief Information Security Officer and the HQ security team as Cyber Security Specialist, taking care of the security of data, infrastructures, architectures, applications and processes of the Company.

Essential Qualification:

• Bachelors degree in computer science, Information Systems, or equivalent education or work experience.

WorkExperience:

• 3 - 5 years of experience in cybersecurity, information technology and networks area, possibly in an international environment and midsize or large company.

Preferred Industry Experience:

• Automobile Industry.
• Auto Ancillary companies.

Preferred Technical Skills and Certification:

1. Knowledge of the regulations about vehicles cyber security (UNECE R155, R156, ISO / SAE 21434), and knowledge of architecture and typical vulnerabilities of in-vehicle cyber systems.
2. Proficient to use logic and reasoning to identify the strengths and weaknesses of IT systems.
3. Hands on experience in managing end-to-end projects in the cyber security area.
4. Knowledge of international security standards and Management System frameworks (ISO 27001 / 2005, NIST, ITIL, etc.)
5. Knowledge of the main relevant regulations and ICT-related impacts both local and international (GDPR, Protection Act).
6. Experience on systems and networks security, authentication methods (Azure MFA and Password Protection, Single Sign On standards), identity protection and application security.
7. Knowledge of endpoint protection technologies and MDR services (Kaspersky), firewall solutions (Fortinet, Palo Alto), internet access protection (Zscaler), as well as ZTNA, NAC and DLP principles and methodology.

Looking to get Placed? Try our Placement Guarantee Plan

Get Hired
8. Knowledge of the main Information Security methods and process (Incident Management, Threat Intelligence, Vulnerability Management, Security Testing, Identity & Access Management, Data Classification, etc.)

Key Deliverables:

1. Collaborate with the CISO in the definition of security standards, policies, and best practices and assure their local implementation.
2. Follow the implementation of the cybersecurity technologies and projects accordingly with the Company cybersecurity strategy, plans and goals.
3. Work to increase the cybersecurity posture of the Company by assessing the current situation and evaluating trends to anticipate security requirements.
4. Perform and share Risk Evaluation to support decisions in case of gaps in respect to the Company standards and cybersecurity best practices.
5. Verify and assure the effectiveness of the implemented measures and technologies against security risks, and of the defined best practices, and monitor their applicability.
6. Being involved and taking active role in the Incident Management Process of the Group by following the incident from origin to resolution and monitoring defined KPI and the performances of partners and service solution providers.
7. Take the lead in day-to-day monitoring for unusual activities, implement defensive protocols, and report incidents.
8. Take the lead of the remediation process (patch installation, vulnerability fixing) after new vulnerabilities are discovered on systems and applications.
9. Support to the identification and definition of actions, rules and processes required to comply to applicable Indian and /or international regulations.
10. Support in the implementation and maintaining the documentation of security guidelines, procedures, standards, and controls.
11. Work together with the ICT team and being involved in all the projects definition (high level design and low-level design), development, and implementation phases to ensure the application of the security by design and security by default principles.
12. Contribute to team effort by accomplishing related results as needed.
13. Keep users informed by preparing performance reports, communicating system status.
14. Maintain quality service by following organization standards.