HDB Financial Services - Senior Manager - Information Security & GovernanceHDB Financial Services Ltd • Mumbai
No longer accepting applications
HDB Financial Services - Senior Manager - Information Security & Governance
HDB Financial Services Ltd • Mumbai
30+ days ago
Job descriptionConduct technical configuration audits across servers, database, endpoints, network devices, cloud platforms and cyber security solutions. Review system and security settings to ensure alignment with secure configuration standards as per CIS, NIST, ISO & Regulatory requirements. Identify configuration gaps, control weaknesses and recommend remediation steps. Work with IT, Infrastructure and Security Operations teams to validate configuration compliance. Document audit findings, prepare reports and present results to stakeholders in a clear and structured manner. Support risk assessments and internal / external audits by providing configuration compliance evidence. Stay updated evolving security standards, compliance requirements and vendor configuration guidelines. Track remediation efforts and perform follow-up audits to confirm closure of findings. Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience). MITRE ATT&CK mapping and threat modelling. Strong understanding of regulatory frameworks (RBI, ISO 27001). Excellent soft skills : stakeholder communication, presentation, and leadership. Certifications such as OSCP, OSCE, CEH, GPEN are highly preferred. Understanding of secure network architecture, segmentation and defence in depth. Designing and implementing security controls across systems, networks and applications. Ability to analyze complex security issues and clearly communicate them to non-technical stakeholders. Strong understanding of offensive security techniques and threat modeling. Proficiency in scripting languages (Python, Bash, PowerShell). Experience with tools like Metasploit, Cobalt Strike, Burp Suite, and Nmap. Familiarity with cloud platforms (AWS, Azure, GCP) and their security configurations. Knowledge of regulatory frameworks and audit standards. Ability to write clear, actionable technical and executive-level reports. Certifications such as OSCP, CRTP, CEH, or CISSP are highly desirable. Familiarity with secure configuration frameworks such as CIS Benchmarks, NIST Framework, ISO 27001 etc. Analytical mindset with attention to detail. Excellent communication and collaboration skills. Passion for cybersecurity and continuous learning.
HDB Financial Services Ltd is looking for an experienced Red Team Assessment expert to join our Cyber Security Team.
This role is responsible for simulating real-world attacks to test the effectiveness of our security controls, detection capabilities, and incident response processes.
The ideal candidate will have a strong background in offensive security, a deep understanding of adversary tactics, and the ability to provide actionable insights to strengthen our overall security posture.
Technical Configuration Audit Based Assessment role to strengthen our IT and Cyber Security Posture.
The role is responsible for reviewing assessing and auditing systems, network and security configuration to ensure compliance with internal policies, regulatory requirement and industry best practices.
This role will play a key role in identifying misconfiguration, recommending corrective measures and ensuing that IT and Cyber Security solution are implemented securely and effectively.
Key Responsibilities :
Red Team Assessment :
- Conduct red team exercises to mimic sophisticated cyberattacks and evaluate the effectiveness of security controls.
- Develop and execute complex attack scenarios using tactics, techniques, and procedures (TTPs) aligned with real-world threat actors.
- Perform internal Red Team Assessment across networks, applications, endpoints, and cloud environments.
- Develop and deploy custom attack tools and payloads (e., backdoors, phishing kits, webshells).
- Use frameworks like MITRE ATT&CK to guide threat simulation strategies.
- Emulate advanced persistent threat (APTs) using industry-recognized tactics, techniques and procedure (TTPs).
- Document attack paths, vulnerabilities exploited, and lateral movement techniques, including attack scenarios, vulnerabilities, and recommendations for remediation.
- Develop custom scripts, tools and methodologies.
- Hand-on experience with Active Directory attacks, exploitation frameworks and scripting (Python, PowerShell, Bash etc.
- Assist SOC team to simulate the SOC Use Case.
- Assist internal team for Breach Attack Simulation scan and improve overall BAS posture.
- Identify and exploit vulnerabilities across infrastructure, applications, cloud environment and physical security.
- Provide detailed reports with remediation strategies and executive summaries.
- Collaboration with Blue Teams Work closely with defensive teams to share insights, improve detection capabilities, and strengthen incident response.
- Track remediation efforts and perform follow-up to confirm closure of reported findings.
Configuration Audit Based Assessment :
Mandatory Skills Required :
Preferred Traits :
(ref : hirist.tech)
Create a job alert for this search
Senior Manager Service • Mumbai
Related jobs
The Information Security Manager is responsible for proactively managing and improving our Information Security Management System driving risk reduction and security maturity across the organisatio...Show more
Senior Manager - Cybersecurity & Infrastructure
Comaea Consulting • Mumbai, Maharashtra, India
Our client is a leading MNC in the maritime industry seeking a Senior Cybersecurity & Infrastructure Manager to strengthen and secure its global digital infrastructure across offices and fleet oper...Show more
Last updated: 30+ days ago • Promoted
Senior Infosec Engineer – Cloud & Security Solutions
IDfy • Mumbai, Maharashtra, India
IDfy is Asia’s leading TrustStack, trusted by the best, with global expertise and enterprise-grade tech, we’re solving trust challenges, making compliance easy, fraud detection smarter, and onboard...Show more
Last updated: 10 days ago • Promoted
DET-Senior Manager-Tech SandT-GDSNF
EY Studio+ Nederland • Mumbai, Maharashtra, India
At EY were all in to shape your future with confidence.Well help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.Join EY and help to ...Show more
Last updated: 7 days ago • Promoted
Senior Manager IS Cyber Culture & Awareness
Mashreq • Mumbai, IN
The Cyber Security Awareness Specialist plays a critical role in maturing Mashreq Bank’s cyber security awareness program.
The specialist is responsible for fostering a culture where Cybersecurity i...Show more
Last updated: 25 days ago • Promoted
SOC Manager
Network Intelligence • Mumbai, Maharashtra, India
The SOC Manager will lead and mature the Security Operations Center (SOC), overseeing threat monitoring, detection, incident response, and overall security operations.
This role requires strong lead...Show more
Last updated: 16 days ago • Promoted
TC-CS-CTM-AppSec-Senior Manager
EY Studio+ Nederland • Mumbai, Maharashtra, India
At EY were all in to shape your future with confidence.Well help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.Join EY and help to ...Show more
Last updated: 7 days ago • Promoted
DET-Senior Manager-Tech Sand T-GDSNF
EY Studio+ Nederland • Mumbai, Maharashtra, India
At EY were all in to shape your future with confidence.Well help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.Join EY and help to ...Show more
Last updated: 7 days ago • Promoted
Senior Associate- Information Security-MNC Financial Services
Riverforest Connections Private Limited • Mumbai, Maharashtra, India
The role will be responsible for the design implementation and management of Zscaler ZIA APA and Data Protection solutions to meet the organisations security requirements.The role will require the ...Show more
Last updated: 19 days ago • Promoted
Senior Application Security Manager
ARCON • Mumbai, Maharashtra, India
We are seeking a highly experienced and strategic-minded Senior Manager of Application Security to lead our security initiatives.
The ideal candidate will be a seasoned leader with a deep understand...Show more
Last updated: 30+ days ago • Promoted
Business Development Manager(Cyber Security Services)
TECEZE • Mumbai Metropolitan Region, India
Business Development Manager – Cyber Security Services.Sales / New Business Acquisition.Individual Contributor (Hunter Role).
Teceze is looking for a high-performing.Business Development Manager (BD...Show more
Last updated: 6 days ago • Promoted
Manager - Enhanced Due Diligence - ISG Management
Morgan Stanley • Mumbai, India
We are the Non-Financial (NFR) group within the Institutional Securities Group (ISG) management function.NFR is responsible for managing several non-financial risks across ISG, including but not li...Show more
Last updated: 30+ days ago • Promoted
Senior Consultant (Forensic Audit)
Acme Services Private Limited • Mumbai, Maharashtra, India
Work on projects related to Information Security Management System (ISO 27001 : 2022) certification.Conduct ISO 27001 : 2022 internal audits and comprehensive gap assessments.Execution of Cybersecurit...Show more
Last updated: 22 days ago • Promoted
Lead - Information Security Audit
Alpha Orion • Mumbai, India
Lead IS Audit Job description The primary objective of Technology audits includes : - Ensure IT systems and...Show more
Last updated: 30+ days ago • Promoted
Manager Information Security
Experian • Mumbai, Maharashtra, India
Experian India is looking for an Information Security Manager .What youll be doing (Job responsibilities for this role).Regulatory Compliance & Governance.
Lead internal audits and coordina...Show more
Last updated: 30+ days ago • Promoted
Senior Role - GRC & Infosec
NPCI Bharat BillPay Limited • Mumbai, Maharashtra, India
Job Description – GRC (Infosec).The selected candidate will lead the development, implementation, and continuous improvement of the organization's governance, risk management, and compliance framew...Show more
Last updated: 18 days ago • Promoted
GAIN Central IT - Information Security Manager
This is Gain Ltd • Mumbai, MH, IN
Quick Apply
Last updated: 30+ days ago
Information Security / ITGC Audit
Digihelic Solutions Private Limited • Mumbai, India
Conduct IT General Controls (ITGC) and Information Security audits.Review compliance with ISO 27001, SOC, and IT security standards.
Evaluate access controls, change management, and incident respons...Show more
Last updated: 30+ days ago • Promoted
IDBI Capital Markets - Deputy Manager / Manager - Cyber Security
IDBI Capital Markets and Securities Limited • Mumbai, India
ORGANISATION IDBI Capital Markets & Securities Limited Position IT Cybersecurity Professional (Cadre : Deputy Manager / Manager) <...Show more
Last updated: 30+ days ago • Promoted