Technical Risk Manager

Green & Wise
  • Mumbai, Pune
  • Confidential
  • 7-12 years
  • 23 Jan 2015

  • IT/ Information Technology

  • IT/ Technology - Hardware & Networking, IT/ Technology - Security, IT/ Technology - Data Center/ Manage Infrastructure Services
Job Description

Educational Qualifications:

Must have:

BE-IT / B Tech /Comps

Certification Desirable (not mandatory)

2. PMP
3. CEH

Key Responsibilities:

Roles & Responsibilities:

Assist TRM Lead in following activities

Managing the risk assessment, remediation and monitoring of technology risks
Ensure technical risk identification, assessment, quantification, tracking, reporting, communication, mitigation and monitoring
Manage the day-to-day activities of threat and vulnerability management including Vulnerability Assessment (VA), Penetration Testing (PT), Application security assessment (Appsec), Firewall/IPS/IDS Rule Base review
Develop, review and update hardening standards and guidelines.
Recommend treatment plans and communicate information about residual risk.
Analyze technical risks and arrive at risk criticality after considering compensating controls
Provide Risk Acceptance recommendations
Discussion with stakeholders for Risk Closure
Revise and develop processes to strength the current IT risk framework
Manage outsourced vendors with contracted service-level agreements.
Serve as an internal technical risk consultant to the operating functions and business lines
Builds and maintains positive working relationships with various IT and business teams
Responsibility for overall use of project resources, and initiation of corrective action where required.
Responsibility for compliance with standards, for example including change control management.
Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.

Required Skills:

Must have Minimum 6-8 years of experience in IT Security industry with a proven ability to lead and deliver multiple projects at one time or a similar delivery management role, including people & vendor management
Proficient working knowledge within the following risk domains/ technologies:

Database and application security
IDS/IPS technologies
System/Access Administration
Firewall technologies
Network Architecture
Network Security
Key Management/Tokenization
Database/Application/Network Layer Secure Protocols
Physical and Environmental Security
Secure Software/Code Development
Change Management
Vulnerability Management

Job Posted By

About Organisation

Green & Wise