Talent.com
HDB Financial Services - Senior Manager - Information Security & Governance

HDB Financial Services - Senior Manager - Information Security & Governance

HDB Financial Services LtdMumbai
30+ days ago
Job description

HDB Financial Services Ltd is looking for an experienced Red Team Assessment expert to join our Cyber Security Team.

This role is responsible for simulating real-world attacks to test the effectiveness of our security controls, detection capabilities, and incident response processes.

The ideal candidate will have a strong background in offensive security, a deep understanding of adversary tactics, and the ability to provide actionable insights to strengthen our overall security posture.

Technical Configuration Audit Based Assessment role to strengthen our IT and Cyber Security Posture.

The role is responsible for reviewing assessing and auditing systems, network and security configuration to ensure compliance with internal policies, regulatory requirement and industry best practices.

This role will play a key role in identifying misconfiguration, recommending corrective measures and ensuing that IT and Cyber Security solution are implemented securely and effectively.

Key Responsibilities :

Red Team Assessment :

  • Conduct red team exercises to mimic sophisticated cyberattacks and evaluate the effectiveness of security controls.
  • Develop and execute complex attack scenarios using tactics, techniques, and procedures (TTPs) aligned with real-world threat actors.
  • Perform internal Red Team Assessment across networks, applications, endpoints, and cloud environments.
  • Develop and deploy custom attack tools and payloads (e., backdoors, phishing kits, webshells).
  • Use frameworks like MITRE ATT&CK to guide threat simulation strategies.
  • Emulate advanced persistent threat (APTs) using industry-recognized tactics, techniques and procedure (TTPs).
  • Document attack paths, vulnerabilities exploited, and lateral movement techniques, including attack scenarios, vulnerabilities, and recommendations for remediation.
  • Develop custom scripts, tools and methodologies.
  • Hand-on experience with Active Directory attacks, exploitation frameworks and scripting (Python, PowerShell, Bash etc.
  • Assist SOC team to simulate the SOC Use Case.
  • Assist internal team for Breach Attack Simulation scan and improve overall BAS posture.
  • Identify and exploit vulnerabilities across infrastructure, applications, cloud environment and physical security.
  • Provide detailed reports with remediation strategies and executive summaries.
  • Collaboration with Blue Teams Work closely with defensive teams to share insights, improve detection capabilities, and strengthen incident response.
  • Track remediation efforts and perform follow-up to confirm closure of reported findings.

Configuration Audit Based Assessment :

  • Conduct technical configuration audits across servers, database, endpoints, network devices, cloud platforms and cyber security solutions.
  • Review system and security settings to ensure alignment with secure configuration standards as per CIS, NIST, ISO & Regulatory requirements.
  • Identify configuration gaps, control weaknesses and recommend remediation steps.
  • Work with IT, Infrastructure and Security Operations teams to validate configuration compliance.
  • Document audit findings, prepare reports and present results to stakeholders in a clear and structured manner.
  • Support risk assessments and internal / external audits by providing configuration compliance evidence.
  • Stay updated evolving security standards, compliance requirements and vendor configuration guidelines.
  • Track remediation efforts and perform follow-up audits to confirm closure of findings.

    • Mandatory Skills Required :

  • Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience).
  • MITRE ATT&CK mapping and threat modelling.
  • Strong understanding of regulatory frameworks (RBI, ISO 27001).
  • Excellent soft skills : stakeholder communication, presentation, and leadership.
  • Certifications such as OSCP, OSCE, CEH, GPEN are highly preferred.
  • Understanding of secure network architecture, segmentation and defence in depth.
  • Designing and implementing security controls across systems, networks and applications.
  • Ability to analyze complex security issues and clearly communicate them to non-technical stakeholders.
  • Strong understanding of offensive security techniques and threat modeling.
  • Proficiency in scripting languages (Python, Bash, PowerShell).
  • Experience with tools like Metasploit, Cobalt Strike, Burp Suite, and Nmap.
  • Familiarity with cloud platforms (AWS, Azure, GCP) and their security configurations.
  • Knowledge of regulatory frameworks and audit standards.
  • Ability to write clear, actionable technical and executive-level reports.
  • Certifications such as OSCP, CRTP, CEH, or CISSP are highly desirable.
  • Familiarity with secure configuration frameworks such as CIS Benchmarks, NIST Framework, ISO 27001 etc.

    • Preferred Traits :

  • Analytical mindset with attention to detail.
  • Excellent communication and collaboration skills.
  • Passion for cybersecurity and continuous learning.

    • (ref : hirist.tech)

    Create a job alert for this search

    Manager Information • Mumbai

    Related jobs
    • Promoted
    Senior Security Consultant

    Senior Security Consultant

    Claranet IndiaMumbai, IN
    Founded at the beginning of the dot.CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP)...Show moreLast updated: 30+ days ago
    • Promoted
    Sr. Lead - Cloud Security

    Sr. Lead - Cloud Security

    Sycamore Informatics Inc.Thane, IN
    Cloud security framework; Strong scripting skills with PowerShell and.Solid understanding of version control tools, particularly Git. Experience with cloud platforms, including AWS, Azure and GCP.Pr...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Compliance Manager

    Senior Compliance Manager

    KuCoin ExchangeKalyan-Dombivli, IN
    Maintain registration and license in India.Provide compliance support to all business units of the company in India.Manage KYC and AML matters, to implement controls over KYC and AML in order to co...Show moreLast updated: 8 days ago
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    ArcanaKalyan-Dombivli, IN
    As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago
    • Promoted
    Manager - Information Security And Governance

    Manager - Information Security And Governance

    ConfidentialMumbai, India
    Information Security Manager to lead initiatives across SOC operations and Governance, Breach attack simulation, cloud security, and governance. The ideal candidate will possess deep technical exper...Show moreLast updated: 19 days ago
    • Promoted
    Information Security Manager

    Information Security Manager

    ConfidentialMumbai, India
    Senior Manager – Information Security.The Senior Manager – Information Security will spearhead the development and execution of a comprehensive information security strategy that supports the organ...Show moreLast updated: 18 days ago
    • Promoted
    Senior Associate- Information Security-MNC Financial Services

    Senior Associate- Information Security-MNC Financial Services

    Riverforest Connections Private LimitedMumbai, Maharashtra, India
    The role will be responsible for the design implementation and management of Zscaler ZIA APA and Data Protection solutions to meet the organisations security requirements.The role will require the ...Show moreLast updated: 9 days ago
    • Promoted
    Senior Manager - Information Security

    Senior Manager - Information Security

    NMS ConsultantMumbai
    Description : The Senior Manager Information Security will spearhead the development and execution of a comprehensive information security strateg...Show moreLast updated: 30+ days ago
    • Promoted
    Lead - Information Security Audit

    Lead - Information Security Audit

    Alpha OrionMumbai, India
    Lead IS Audit Job description The primary objective of Technology audits includes : - Ensure IT systems and...Show moreLast updated: 30+ days ago
    • Promoted
    VAYUZ Technologies - IT Security Manager

    VAYUZ Technologies - IT Security Manager

    VAYUZ TechnologiesMumbai
    Description : About the Role : We are seeking an exp...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Manager Information Security

    Senior Manager Information Security

    ConfidentialMumbai
    As a Senior Manager of Information Security, you will play a pivotal role in leading andmanaging a team of skilled information security professionals. This role demands acomprehensive understanding ...Show moreLast updated: 7 days ago
    • Promoted
    • New!
    TPRM Senior Manager (Qatar)

    TPRM Senior Manager (Qatar)

    Cubical Operations LLPKalyan-Dombivli, IN
    Job Description – TPRM Senior Manager (Qatar Travel Requirement).Senior Manager – Third-Party Risk Management (TPRM).Qatar (Frequent travel to / from India). India (Work from India when not travelling...Show moreLast updated: 6 hours ago
    • Promoted
    Senior Infrastructure Project Manager

    Senior Infrastructure Project Manager

    TechHarbor PartnersThane, IN
    TechHarbor Partners is dedicated to guiding businesses and individuals through the digital landscape with innovative solutions. The team at TechHarbor Partners believes in the power of technology an...Show moreLast updated: 30+ days ago
    • Promoted
    Manager - Information Security

    Manager - Information Security

    Hipos Consulting Services LLPMumbai
    About : - Master's or bachelor's degree in information technology / Information Security / Computer Science, or a related field. Information Security, specifically in ...Show moreLast updated: 30+ days ago
    • Promoted
    Manager Information Security

    Manager Information Security

    ExperianMumbai, Maharashtra, India
    Experian India is looking for an Information Security Manager .What youll be doing (Job responsibilities for this role).Regulatory Compliance & Governance. Lead internal audits and coordina...Show moreLast updated: 30+ days ago
    • Promoted
    Information Security Manager

    Information Security Manager

    Ajanta Pharma LtdMumbai, Maharashtra, India
    Senior Manager – Information Security.The Senior Manager – Information Security will spearhead the development and execution of a comprehensive information security strategy that supports the organ...Show moreLast updated: 15 days ago
    • Promoted
    Manager - Information Security

    Manager - Information Security

    ConfidentialMumbai, India
    Experian India is looking for an Information Security Manager.What you'll be doing (Job responsibilities for this role).Regulatory Compliance & Governance. Lead internal audits and coordinate with e...Show moreLast updated: 19 days ago
    • Promoted
    • New!
    Senior Security Engineer

    Senior Security Engineer

    First American (India)Kalyan-Dombivli, IN
    The Senior Security Engineer will be responsible for designing and implementing the Database Activity Monitoring (DAM) function to ensure the security, integrity, and compliance of enterprise data ...Show moreLast updated: 6 hours ago