Talent.com
HDB Financial Services - Senior Manager - Information Security & Governance
HDB Financial Services - Senior Manager - Information Security & GovernanceHDB Financial Services Ltd • Mumbai
No longer accepting applications
HDB Financial Services - Senior Manager - Information Security & Governance

HDB Financial Services - Senior Manager - Information Security & Governance

HDB Financial Services Ltd • Mumbai
30+ days ago
Job description

HDB Financial Services Ltd is looking for an experienced Red Team Assessment expert to join our Cyber Security Team.

This role is responsible for simulating real-world attacks to test the effectiveness of our security controls, detection capabilities, and incident response processes.

The ideal candidate will have a strong background in offensive security, a deep understanding of adversary tactics, and the ability to provide actionable insights to strengthen our overall security posture.

Technical Configuration Audit Based Assessment role to strengthen our IT and Cyber Security Posture.

The role is responsible for reviewing assessing and auditing systems, network and security configuration to ensure compliance with internal policies, regulatory requirement and industry best practices.

This role will play a key role in identifying misconfiguration, recommending corrective measures and ensuing that IT and Cyber Security solution are implemented securely and effectively.

Key Responsibilities :

Red Team Assessment :

  • Conduct red team exercises to mimic sophisticated cyberattacks and evaluate the effectiveness of security controls.
  • Develop and execute complex attack scenarios using tactics, techniques, and procedures (TTPs) aligned with real-world threat actors.
  • Perform internal Red Team Assessment across networks, applications, endpoints, and cloud environments.
  • Develop and deploy custom attack tools and payloads (e., backdoors, phishing kits, webshells).
  • Use frameworks like MITRE ATT&CK to guide threat simulation strategies.
  • Emulate advanced persistent threat (APTs) using industry-recognized tactics, techniques and procedure (TTPs).
  • Document attack paths, vulnerabilities exploited, and lateral movement techniques, including attack scenarios, vulnerabilities, and recommendations for remediation.
  • Develop custom scripts, tools and methodologies.
  • Hand-on experience with Active Directory attacks, exploitation frameworks and scripting (Python, PowerShell, Bash etc.
  • Assist SOC team to simulate the SOC Use Case.
  • Assist internal team for Breach Attack Simulation scan and improve overall BAS posture.
  • Identify and exploit vulnerabilities across infrastructure, applications, cloud environment and physical security.
  • Provide detailed reports with remediation strategies and executive summaries.
  • Collaboration with Blue Teams Work closely with defensive teams to share insights, improve detection capabilities, and strengthen incident response.
  • Track remediation efforts and perform follow-up to confirm closure of reported findings.

Configuration Audit Based Assessment :

  • Conduct technical configuration audits across servers, database, endpoints, network devices, cloud platforms and cyber security solutions.
  • Review system and security settings to ensure alignment with secure configuration standards as per CIS, NIST, ISO & Regulatory requirements.
  • Identify configuration gaps, control weaknesses and recommend remediation steps.
  • Work with IT, Infrastructure and Security Operations teams to validate configuration compliance.
  • Document audit findings, prepare reports and present results to stakeholders in a clear and structured manner.
  • Support risk assessments and internal / external audits by providing configuration compliance evidence.
  • Stay updated evolving security standards, compliance requirements and vendor configuration guidelines.
  • Track remediation efforts and perform follow-up audits to confirm closure of findings.

    • Mandatory Skills Required :

  • Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience).
  • MITRE ATT&CK mapping and threat modelling.
  • Strong understanding of regulatory frameworks (RBI, ISO 27001).
  • Excellent soft skills : stakeholder communication, presentation, and leadership.
  • Certifications such as OSCP, OSCE, CEH, GPEN are highly preferred.
  • Understanding of secure network architecture, segmentation and defence in depth.
  • Designing and implementing security controls across systems, networks and applications.
  • Ability to analyze complex security issues and clearly communicate them to non-technical stakeholders.
  • Strong understanding of offensive security techniques and threat modeling.
  • Proficiency in scripting languages (Python, Bash, PowerShell).
  • Experience with tools like Metasploit, Cobalt Strike, Burp Suite, and Nmap.
  • Familiarity with cloud platforms (AWS, Azure, GCP) and their security configurations.
  • Knowledge of regulatory frameworks and audit standards.
  • Ability to write clear, actionable technical and executive-level reports.
  • Certifications such as OSCP, CRTP, CEH, or CISSP are highly desirable.
  • Familiarity with secure configuration frameworks such as CIS Benchmarks, NIST Framework, ISO 27001 etc.

    • Preferred Traits :

  • Analytical mindset with attention to detail.
  • Excellent communication and collaboration skills.
  • Passion for cybersecurity and continuous learning.

    • (ref : hirist.tech)

    Create a job alert for this search

    Senior Manager Service • Mumbai

    Related jobs
    Senior Manager - Cybersecurity & Infrastructure

    Senior Manager - Cybersecurity & Infrastructure

    Comaea Consulting • Mumbai, Maharashtra, India
    Our client is a leading MNC in the maritime industry seeking a Senior Cybersecurity & Infrastructure Manager to strengthen and secure its global digital infrastructure across offices and fleet oper...Show more
    Last updated: 30+ days ago • Promoted
    Senior Infosec Engineer – Cloud & Security Solutions

    Senior Infosec Engineer – Cloud & Security Solutions

    IDfy • Mumbai, Maharashtra, India
    IDfy is Asia’s leading TrustStack, trusted by the best, with global expertise and enterprise-grade tech, we’re solving trust challenges, making compliance easy, fraud detection smarter, and onboard...Show more
    Last updated: 9 days ago • Promoted
    Manager - Information Security

    Manager - Information Security

    Hipos Consulting Services LLP • Navi Mumbai
    About : - Master's or bachelor's degree in information technology / Information Security / Computer Science, or a related field. Information Security, specifically in ...Show more
    Last updated: 30+ days ago • Promoted
    Manager - Enhanced Due Diligence - ISG Management

    Manager - Enhanced Due Diligence - ISG Management

    Morgan Stanley • Mumbai, India
    We are the Non-Financial (NFR) group within the Institutional Securities Group (ISG) management function.NFR is responsible for managing several non-financial risks across ISG, including but not li...Show more
    Last updated: 30+ days ago • Promoted
    SOC Manager

    SOC Manager

    Network Intelligence • Mumbai, Maharashtra, India
    The SOC Manager will lead and mature the Security Operations Center (SOC), overseeing threat monitoring, detection, incident response, and overall security operations. This role requires strong lead...Show more
    Last updated: 15 days ago • Promoted
    VIBS Infosol - Manager - IT Security

    VIBS Infosol - Manager - IT Security

    VIBS INFOSOL PRIVATE LIMITED • Mumbai
    Description : Company Description : At VIBS Infosol, we strive to provide top-tier technology practices in the area o...Show more
    Last updated: 16 days ago • Promoted
    Information Security Manager

    Information Security Manager

    Confidential • Mumbai, India
    Senior Manager – Information Security.The Senior Manager – Information Security will spearhead the development and execution of a comprehensive information security strategy that supports the organ...Show more
    Last updated: 27 days ago • Promoted
    Senior Application Security Manager

    Senior Application Security Manager

    ARCON • Mumbai, Maharashtra, India
    We are seeking a highly experienced and strategic-minded Senior Manager of Application Security to lead our security initiatives. The ideal candidate will be a seasoned leader with a deep understand...Show more
    Last updated: 30+ days ago • Promoted
    Senior Manager - Information Security

    Senior Manager - Information Security

    NMS Consultant • Mumbai
    Description : The Senior Manager Information Security will spearhead the development and execution of a comprehensive information security strateg...Show more
    Last updated: 30+ days ago • Promoted
    Senior Manager Information Security

    Senior Manager Information Security

    Confidential • Mumbai
    As a Senior Manager of Information Security, you will play a pivotal role in leading andmanaging a team of skilled information security professionals. This role demands acomprehensive understanding ...Show more
    Last updated: 16 days ago • Promoted
    Lead - Information Security Audit

    Lead - Information Security Audit

    Alpha Orion • Mumbai, India
    Lead IS Audit Job description The primary objective of Technology audits includes : - Ensure IT systems and...Show more
    Last updated: 30+ days ago • Promoted
    VAYUZ Technologies - IT Security Manager

    VAYUZ Technologies - IT Security Manager

    VAYUZ Technologies • Mumbai
    Description : About the Role : We are seeking an exp...Show more
    Last updated: 30+ days ago • Promoted
    Senior Information Technology Security Consultant

    Senior Information Technology Security Consultant

    InfoBeans • Mumbai, Maharashtra, India
    Senior Information Security Architect 2nd : Information Security Architect – Intermediate Level I have copied both the JD's please check before applying. JD for role 1 About the Job We are seeki...Show more
    Last updated: 1 day ago • Promoted
    Senior Role - GRC & Infosec

    Senior Role - GRC & Infosec

    NPCI Bharat BillPay Limited • Mumbai, Maharashtra, India
    Job Description – GRC (Infosec).The selected candidate will lead the development, implementation, and continuous improvement of the organization's governance, risk management, and compliance framew...Show more
    Last updated: 17 days ago • Promoted
    Information Security Manager

    Information Security Manager

    Ajanta Pharma Ltd • Mumbai, Maharashtra, India
    Senior Manager – Information Security.The Senior Manager – Information Security will spearhead the development and execution of a comprehensive information security strategy that supports the organ...Show more
    Last updated: 24 days ago • Promoted
    Information Security / ITGC Audit

    Information Security / ITGC Audit

    Digihelic Solutions Private Limited • Mumbai, India
    Conduct IT General Controls (ITGC) and Information Security audits.Review compliance with ISO 27001, SOC, and IT security standards. Evaluate access controls, change management, and incident respons...Show more
    Last updated: 30+ days ago • Promoted
    IDBI Capital Markets - Deputy Manager / Manager - Cyber Security

    IDBI Capital Markets - Deputy Manager / Manager - Cyber Security

    IDBI Capital Markets and Securities Limited • Mumbai, India
    ORGANISATION IDBI Capital Markets & Securities Limited Position IT Cybersecurity Professional (Cadre : Deputy Manager / Manager) <...Show more
    Last updated: 30+ days ago • Promoted
    Star TV - Senior Manager - Governance / Risk & Compliance

    Star TV - Senior Manager - Governance / Risk & Compliance

    Star India Pvt Ltd • Mumbai, India
    Senior Manager - Governance / Risk & Compliance Summary : We are seeking a strategic and execution-focused Senior Manager / Associate Director GRC to lead the design, implement...Show more
    Last updated: 16 days ago • Promoted