Talent.com
IT Risk Manager - VAPT

Premier Consultants • Navi Mumbai
30+ days ago
Job description

Key Responsibilities:

  • Vulnerability Management: Use a variety of VAPT tools like Burp Suite, OWASP ZAP, Nessus, Nmap, and Postman to assess applications and infrastructure.
  • Security Best Practices: Ensure adherence to OWASP Top 10, API Security best practices, and secure coding principles across all development teams.
  • Configuration Reviews: Conduct secure configuration reviews for firewalls, servers, endpoints, and API gateways to minimize vulnerabilities.
  • DevSecOps: Help integrate security into our development lifecycle, working with Dev and Infra teams to ensure secure deployments.
  • Incident Response: Participate in incident response workflows using tools like Splunk or CrowdStrike, and assist in maintaining incident response plans.
  • Documentation & Compliance: Write and maintain security documentation, including SOPs. Ensure awareness and adherence to regulatory standards such as the RBI Cybersecurity Framework, PCI DSS, and NIST.
  • Risk & Audits: Conduct risk assessments, security audits, and third-party security evaluations.
  • Collaboration: Work closely with cross-functional teams (Development, Infrastructure, and Compliance) to ensure a unified and secure approach.

Required Skills & Qualifications:

  • Experience: 4-6 years of experience in cybersecurity, VAPT, and IT risk management.
  • VAPT Tools: Proficiency in VAPT tools for applications and infrastructure.
  • Security Frameworks: Strong grasp of OWASP Top 10 and API security frameworks like OAuth 2.0, JWT, and API key management.
  • Compliance: Awareness of key regulatory standards like the RBI Cybersecurity Framework and PCI DSS.
  • Certifications:
      • Certified Ethical Hacker (CEH) (Preferred)
      • CompTIA Security+ (Good to have)
      • Certified Information Security Manager (CISM) (Good to have)
      • Certified Information Systems Auditor (CISA) (Good to have)
      • Offensive Security Certified Professional (OSCP) (Good to have)

(ref: hirist.tech)
