Manager Security Assurance - Chennai, India - SoftwareONE

Description

Why SoftwareOne? SoftwareOne is powered by Swomies Every day, 9000+ SoftwareOne colleagues – we call ourselves "Swomies" – partner with clients to deliver inspired technical and licensing solutions to engage their workforce and accelerate cloud maturity.

Our internal backbone of enablement functions needs to be strong to keep the company ready for delivering great services to our customers.

Our internal IT team is one of these competent and passionate teams that enables all Swomies to stay technically uptodate and keep SoftwareOnes operational excellence.

Lead (gn)

Security Assurance/ VAPT team:

Business IT / internal IT of SoftwareOne | pensum: full time | location: Chennai The role Role Description Security Assurance Manager, will lead the team to perform vulnerability assessment, vulnerability management and penetration testing on the infrastructure, systems and applications of SoftwareOne.

Will also be expected to be the technical expert in the team and mentor juniors as well as create and present reports to management and stakeholders.

Roles and Responsibilities:

As a Security Assurance Manager Plans and oversees the delivery of testing services to determine whether infrastructure components, systems and applications meet confidentiality, integrity, authentication, availability, authorization, and non-repudiation standards.

Reports on testing outcomes and activities. Provides recommendations and manages stakeholder expectations. Ensures compliance with assessment and testing standards, processes, and tools. Develops organizational testing capability and supports knowledge management.


Manage VAPT Deliverables:
Plan technology / resources for Assurance Team for successful execution of assurance function. Propose corrections and recommendations to improve and facilitate certification of software. Provide advice based on security VAPT considerations. Communicate the outcome of testing initiatives and results to the stakeholder groups. Approve documentation to certify penetration testing results. Develop frameworks and dashboards for the reporting of VAPT results.

Oversee vulnerability assessment and penetration testing (VAPT) activities:
Recommend strategies and techniques to mitigate identified risks. Design service strategies and scope for security testing technologies and solutions. Drive cyber security awareness within the organization. Recommend strategic and operational changes to security testing to address new threats. Provide advice on complex security test data analysis to support security vulnerability assessment processes, including root cause analysis. Establish test metrics to benchmark against requirements and industry best practices. Monitor the conduct of certification tests, audits, inspections and reviews. Act as an escalation point on issues, dependencies, and risks related to security testing.

Lead team members to continuously improve testing capabilities Incorporate emerging security and risk management trends, issues, and alerts in penetration testing activities.

Manage people and organization:
Review the utilization of resources. Implement succession planning initiatives for key management positions. Review operational strategies, policies and targets across teams and projects. Oversee the development of learning roadmaps for teams and functions. Establish performance indicators to benchmark effectiveness of learning and development programs against best practices. Develop strategies for resource planning and utilization.

Assists with the development and maintenance of IT security measurement and reporting systems to aid in monitoring effectiveness of IT Security programs.

Develop, revise and maintenance Standard Operating Procedures and Working Instructions of the SOC to the high standards and support/train VAPT Analysts.

Develop and maintain good communications and working relationships with teams and external clients.

What we need to see from you Work Experience:
8+ years of experience working with security technologies, SOC, monitoring, detecting, triaging and supporting security solutions.

In-depth Experience of Static & dynamic application code Security testing tool, deployment, Infrastructure vulnerability tool Experience and good understanding of Security Testing of application and Audit principles and associated compensating controls.

Experience and good understanding of:
Vulnerability Assessment of network and host-based security platforms Audit principles and associated compensating controls.

Experience on Security tools majorly Tenable and Qualys Integration of testing mechanisms with industry best practices such as OWASP & NIST.

Improving and maintaining secure development standards. Providing standard gap analysis services to internal business and technology partners.

In-depth experience in Mobile Application Testing and API testing Solid foundation of common software vulnerabilities and their mitigation Techniques Required knowledge: Strong experience of using Qualys Kali Linux and BurpSuite with good knowledge of Wireshark or Metaspoilt or Nessus or NMap Solid knowledge of system security vulnerabilities and remediation techniques.

Good Understanding of IT security policy, procedure, design, and implementation.

In-depth knowledge of vulnerability scanning & compliance tools or security analytics toolsets Basic Knowledge on security models such as ITIL, ISO27002, PCI DSS and Cobit 5 OSCP, LPT, Crest Certifications Preferred.

Qualifications Bachelor's degree preferably in Computer Science or Information Systems and /or equivalent formal training or work experience.

This is what makes us special as an employer:

Global company culture:
We defined our lived culture through 7 core values )

Come as you are:
Wear what you feel comfortable in, not just while working from home President's Club: Exclusive recognition awarded by leadership and your peers


Flexible work:
Do great work from anywhere, deliver excellence everywhere


Employee Exchange Program:
Experience new colleagues and cultures around the world


Incentive programs:
SWOmies award bonuses to colleagues who go above and beyond


Lifelong education:
We pay for your new skills with tuition reimbursement.


Employee stock option programs (SIX:
SWON): Be an owner. All employees can be shareholders.


Hire to Grow:

We optimize our internal structures and feedback culture constantly to be your Employer of Choice, today and in future.

You need some more information? Check this link tree and find all information you need to decide for us:
You know someone who could be interested in working with us as well? Share this job (or another) with your network and get the chance of our referral bonus for external referrers. Any questions? E-meet me Hi, my name is Nicole and Im your partner in crime for this role. Im building bridges for you to the best careers perspective at SoftwareOne. Im happy to help you with insights and try to answer all your questions.


Let`s connect on LinkedIn:
Job Function Business IT

Work Experience: 8+ years of experience working with security technologies, SOC, monitoring, detecting, triaging and supporting security solutions.

In-depth Experience of Static & dynamic application code Security testing tool, deployment, Infrastructure vulnerability tool Experience and good understanding of Security Testing of application and Audit principles and associated compensating controls.

Experience and good understanding of:
Vulnerability Assessment of network and host-based security platforms Audit principles and associated compensating controls.

Experience on Security tools majorly Tenable and Qualys Integration of testing mechanisms with industry best practices such as OWASP & NIST.

Improving and maintaining secure development standards. Providing standard gap analysis services to internal business and technology partners.

In-depth experience in Mobile Application Testing and API testing Solid foundation of common software vulnerabilities and their mitigation Techniques Required knowledge: Strong experience of using Qualys Kali Linux and BurpSuite with good knowledge of Wireshark or Metaspoilt or Nessus or NMap Solid knowledge of system security vulnerabilities and remediation techniques.

Good Understanding of IT security policy, procedure, design, and implementation.

In-depth knowledge of vulnerability scanning & compliance tools or security analytics toolsets Basic Knowledge on security models such as ITIL, ISO27002, PCI DSS and Cobit 5 OSCP, LPT, Crest Certifications Preferred.

Qualifications Bachelor's degree preferably in Computer Science or Information Systems and /or equivalent formal training or work experience.

This is what makes us special as an employer:

Global company culture:
We defined our lived culture through 7 core values )

Come as you are:
Wear what you feel comfortable in, not just while working from home President's Club: Exclusive recognition awarded by leadership and your peers


Flexible work:
Do great work from anywhere, deliver excellence everywhere


Employee Exchange Program:
Experience new colleagues and cultures around the world


Incentive programs:
SWOmies award bonuses to colleagues who go above and beyond


Lifelong education:
We pay for your new skills with tuition reimbursement.


Employee stock option programs (SIX:
SWON): Be an owner. All employees can be shareholders.


Hire to Grow:

We optimize our internal structures and feedback culture constantly to be your Employer of Choice, today and in future.

You need some more information? Check this link tree and find all information you need to decide for us:
You know someone who could be interested in working with us as well? Share this job (or another) with your network and get the chance of our referral bonus for external referrers. Any questions? E-meet me Hi, my name is Nicole and Im your partner in crime for this role. Im building bridges for you to the best careers perspective at SoftwareOne. Im happy to help you with insights and try to answer all your questions.


Lets connect on LinkedIn:

Role Description Security Assurance Manager, will lead the team to perform vulnerability assessment, vulnerability management and penetration testing on the infrastructure, systems and applications of SoftwareOne.

Will also be expected to be the technical expert in the team and mentor juniors as well as create and present reports to management and stakeholders.

Roles and Responsibilities:

As a Security Assurance Manager Plans and oversees the delivery of testing services to determine whether infrastructure components, systems and applications meet confidentiality, integrity, authentication, availability, authorization, and non-repudiation standards.

Reports on testing outcomes and activities. Provides recommendations and manages stakeholder expectations. Ensures compliance with assessment and testing standards, processes, and tools. Develops organizational testing capability and supports knowledge management.


Manage VAPT Deliverables:
Plan technology / resources for Assurance Team for successful execution of assurance function. Propose corrections and recommendations to improve and facilitate certification of software. Provide advice based on security VAPT considerations. Communicate the outcome of testing initiatives and results to the stakeholder groups. Approve documentation to certify penetration testing results. Develop frameworks and dashboards for the reporting of VAPT results.

Oversee vulnerability assessment and penetration testing (VAPT) activities:
Recommend strategies and techniques to mitigate identified risks. Design service strategies and scope for security testing technologies and solutions. Drive cyber security awareness within the organization. Recommend strategic and operational changes to security testing to address new threats. Provide advice on complex security test data analysis to support security vulnerability assessment processes, including root cause analysis. Establish test metrics to benchmark against requirements and industry best practices. Monitor the conduct of certification tests, audits, inspections and reviews. Act as an escalation point on issues, dependencies, and risks related to security testing.

Lead team members to continuously improve testing capabilities Incorporate emerging security and risk management trends, issues, and alerts in penetration testing activities.

Manage people and organization:
Review the utilization of resources. Implement succession planning initiatives for key management positions. Review operational strategies, policies and targets across teams and projects. Oversee the development of learning roadmaps for teams and functions. Establish performance indicators to benchmark effectiveness of learning and development programs against best practices. Develop strategies for resource planning and utilization.

Assists with the development and maintenance of IT security measurement and reporting systems to aid in monitoring effectiveness of IT Security programs.

Develop, revise and maintenance Standard Operating Procedures and Working Instructions of the SOC to the high standards and support/train VAPT Analysts.

Develop and maintain good communications and working relationships with teams and external clients.