Job Description

Job Requirements
Role/ Job Title: Head-Infrastructure Security
Business: New Age
Function/ Department: Information Technology
Roles & Responsibilities:
2. Technology Management
Manage the implementation, configuration, and operations of the following technologies:

• Perimeter Security:

• Firewalls (Next-Gen), NIPS/NIDS (Network Intrusion Prevention/Detection)

• WAF (Web Application Firewall)

• Proxy solutions & Secure Web Gateways (SWG)

• SASE (Secure Access Service Edge) platform

• Endpoint & Device Security:

• EDR (Endpoint Detection and Response)

• MDM/AirWatch for device management

• NAC (Network Access Control)

• Identity & Access Management:

• MFA (Multi-Factor Authentication)

• Active Directory (AD)

• SCCM (System Center Configuration Manager) for endpoint control

• Data Security & Monitoring:

• DLP (Data Loss Prevention) solutions

• DAM (Database Activity Monitoring)

• SFTP (Secure File Transfer Protocol) management

• Application & Cloud Security:

• Cloud security posture management (where applicable)

• Monitoring NABD (Network Access Behavior Detection) or similar behavior analytics tools

3. Threat Management & Incident Response

• Develop, implement, and test the Incident Response Plan.

• Oversee SOC (Security Operations Center) and SIEM integrations for threat detection and response.

• Handle security incidents, forensic investigations, and post-incident reviews.

4. User Awareness & Training

• Lead the organization's cybersecurity awareness program.

Ensure employees understand and comply with security policies and procedures.
5. Vendor & Third-Party Risk

• Evaluate and manage third-party vendors for security compliance.

• Lead third-party security assessments and SLA enforcement.

Secondary Responsibilities :
'Configure and Install Routers, Switches, Firewalls, WLCs, WiFi APs, Load Balancers, SDWAN, and other network devices/ infrastructure.
Identify and evaluate new solutions to automate/streamline, improve performance and enhance capacity of network infrastructure in order to increase efficiencies.
. Regulatory & Audit Compliance

• Ensure compliance with RBI cybersecurity guidelines, PCI DSS, ISO 27001, etc.

• Lead interactions with regulators, auditors, and third-party assessors.

Required Skills & Competencies:

• Deep technical understanding of firewalls, WAF, DLP, DAM, EDR, MDM, AD, SCCM, MFA, SFTP, SASE, SWG, proxy, and NIPS/NABD.

• Sound knowledge of regulatory and compliance requirements in BFSI (RBI, SEBI, IRDAI).

• Strong leadership, communication, and stakeholder management skills.

• Ability to design security architecture for both on-prem and cloud environments.

• Strong grasp of incident management, threat intelligence, and SIEM operations.

Key Success Metrics:
'Improved MTTR, SLA and TAT for incidents and Service requests management, 100% adherence to Infra/Info security policies, audits, compliance.

Skills Required