Cyber Security Lead - GTE SEC OSA

Ability to identify, propose, design and run the operational and security risk Controls.

Sound understanding of various cybersecurity controls and their relevance to handle various threat scenarios.

Proactively identify security gaps and propose recommendations to enhance the security controls through remediation procedures.

Identify data model (attribute/fields) from security logs to perform audit and checks.

Device efficient processes to enforce security controls and ensure their effectiveness.

Effective communication with the stakeholders project team, security SPOCs and other cross functional teams.

Ability to assess the maturity level of existing new controls and improve control effectiveness by implementing necessary action items.

Evaluate the Security and Risk Assessment for the infrastructure and/or applications to propose relevant recommendations.

Recognizes problems by identifying abnormalities, reporting discrepancies

Good reporting / communication skills and ability to convey technical or complex security topics to management is simple and effective manner. Experience on designing reports using tools like Power BI or Tableau or Pandas/Xlwings/Plotydash is added advantage

Profile Required:

Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field

Experience : 6 + yrs

Cybersecurity: - Risk analysis: Intermediate to Expert

Security audit and framework (ISO 27001, NIST, PCI-DSS): Intermediate to Expert

Pentest knowledge (OWASP, methodology, hacking): Intermediate to Expert

Ethical hacking and control effectiveness testing: Intermediate to Expert

Public Cloud infrastructure & security (AWS, Azure): Intermediate

Security and Code Audit reviews:- Understanding of infrastructure and application security controls in cloud and on-premise like Amazon Web Application Firewall, Amazon Guard Duty, Amazon Inspector, AWS IAM Access Analyzer, AWS cloud Trail, AWS Shield, Amazon Macie, AWS Config, AWS security Hub, Integration with 3rd party tools: Intermediate to Expert

Scripting knowledge (python, Git, Pandas…): Intermediate

System and OS administration & hardening- Application Security: Intermediate to Expert

Linux/windows administration: Intermediate

Linux/windows security and hardening: Intermediate to Expert

Vulnerability management standards: Standard