IT Security Lead

  • Bengaluru
  • IT Infra & Security
  • Report to: IT Security Head

Job Responsibilities:

  • Align standards, frameworks and security with overall business and technology strategy

  • Leads on the identification of data security and information protection risks across the organization and works with stakeholders to develop and implement mitigation plans, escalating issues as appropriate

  • Acts as a subject matter expert on data security for projects looking to implement new tools, products, or processes

  • Embedding security into all stages of DevOps

  • Identify new security opportunities and challenges and ensure action is taken to eradicate risks

  • Oversees maintenance of systems to protect data from unauthorized users

  • Leads and facilitates organizational training and communications around data security and information protection issues

  • Oversee incident response planning as well as the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as necessary

  • Manage security tools & solutions- Antivirus, EDR, Email Gateway, SIEM & SOO, WAF, Firewalls etc.

  • Ensure timely response on security incidents. Discuss & conclude the actionable & recommendations with concerned stakeholders

  • Backup & BCP validation for all infrastructure and applications

  • Regular monitoring of security & compliance directions from regulators & internally coordinate the actionable to promptly complete the assessment & implementation

  • Implements measures to protect digital files and information systems against unauthorized access, modification, or destruction

  • Defines, implements, and maintains corporate security policies

  • Develops strategies to respond to and recover from a security breach

  • Develop or implement tools to assist in detection, prevention, and analysis of security threats

  • Manage resources and vendors and get the right people and processes in place

  • Review, tuning and development of SIEM technology system and alerts

  • Security Incident Monitoring and Response

  • Assists in effective Data monitoring and Data Loss Prevention procedures

  • Provide recommendations for correct approach and strategy where security gaps exist or inadequate tools or processes are found, all within a reasonable balance between security, cost and productivity

  • Demonstrate vulnerabilities to the stakeholders in a convincing manner & lead remediation

  • Security requirements writing and Pen Testing

  • Conducts periodic inventory scans including AWS Infrastructure, Applications, APIs, Websites, on-premise servers & network to find any vulnerability

Required Skills:

  • Hands on experience on VAPT tools

  • Best security practices of cloud solutions

  • Conceptual knowledge of DevOps, hosting, APIs, Applications & Websites

  • Windows, Linux, Ubuntu- server configuration understanding

  • Network device configuration knowledge ex. Switches, routers

  • Knowledge on Firewall configuration and rule management VPN configuration

  • Experience of identifying risks in Cyber security management processes, developing, and implementing remedial action

  • Excellent project management skills and experience of leading on data security projects across multiple locations

  • Experience of developing and implementing data security policies and protocols

  • Understanding of log analysis and security forensics

  • Knowledge in implementation of ISO27001 standards

Desirable Certifications:

  • Certified Ethical Hacker (CEH)

  • CompTIA Security+

  • Certified Information System Security Professional (CISSP)

  • Certified Information Security Manager (CISM)

  • Certified Information Systems Auditor (CISA)

Management Skills:

  • User communications & relationship management

  • Vendor management

  • Stakeholder management

Soft Skills

  • Good Analytical and problem solving skills

  • Knowledge of the financial services domain will be an added advantage

  • Ability to collaborate with internal and external stakeholders for effective delivery of the tasks assigned

  • Strong verbal and written communicator, able to speak with the business stakeholders and understand the requirements

  • Well organized and consistently delivers on commitments


  • Bachelor degree in engineering or computer science with Minimum 8 – 12 years of experience in Information & Cyber Security

Other Requirements:

  • Keen interest in learning technology

  • A great team player and should be able to work across multiple groups / teams

  • Should be able to work in a demanding environment

  • Strong written and oral communication and interpersonal skills

  • Must have a go-getter attitude

  • High social responsibility & Integrity

  • Compliance to policies, rules and regulations

  • Belief in Teamwork & Effective leadership

  • Good Vendor management skills

For any questions on job openings & application details, write to us at:

Fill in your details to apply

If you are interested in the role, enter your details and upload your resume, our team will be in touch with you.