Infosec Engineer (M&A)

Description

Position : Infosec Engineer (M&A)

Grade : IT4

Location : Noida / Bangalore

What will you do

Develop and implement comprehensive cyber security strategies aligned with industry best practices and frameworks, including NIST CSF, CIS, MITRE ATT&CK, and the Cyber Kill Chain.

Provide leadership in network security, cloud security, vulnerability management, incident response, application security, and IoT security, ensuring all functions operate effectively and efficiently.

Oversee the deployment and management of security technologies such as SIEM / SOAR, EDR / XDR, IDS / IPS, NAC, email gateways, Active Directory, DAST / SAST, WAF, firewalls, and vulnerability management tools.

Collaborate with IT and business units to identify and mitigate security risks, ensuring compliance with security policies and standards.

Drive the development of cyber security policies, standards, and procedures, ensuring they are well-communicated and adhered to across the organization.

Stay current with emerging cyber threats and vulnerabilities, providing insights and recommendations to enhance the security posture.

Manage and analyze security metrics, producing reports to inform leadership on the state of the organization's security.

Lead a team of cyber security professionals, fostering a collaborative and high-performance culture.

Build strong relationships with internal and external stakeholders, including IT, M&A, business units, and third-party vendors, to ensure cohesive security practices.

Communicate effectively with senior management, providing clear and concise updates on security initiatives, risks, and strategies.

Advocate for security best practices throughout the organization, driving awareness and engagement at all levels.

Requirements

• Strong hands-on experience in design, deploying and managing Network security, IAM suite of technology solutions / services, PKI services, Data Security solutions, Product / Application security solutions, SOC solutions and tools, 3rd party risk management.
• Strong hands-on experience conducting PEN testing, red / purple team exercises, tabletop simulations, PEN testing, IR and vulnerability management across IT domains and business where appropriate.
• Strong knowledge of Microsoft, Linux, Apple, AWS, Storage (NetApp and Pure), Azure and GCP.
• Experience in implementing and enforcing security services and control (shift-left) across Infrastructure as a Code, Configuration management, DevOps and other automation capabilities is desired.
• Proven experience leading a global cybersecurity engineering and operations team, managing both people and technology

Experience :

Qualification :

We’re doing work that matters. Help us solve what others can’t.