Information Security Manager

Year    Bangalore, Karnataka, India

Job Description

Role: Information Security Manager
Base location: Bangalore, Chennai, Mumbai, Pune & Hyderabad
Key Responsibilities:
Security Architecture Review & Threat Modeling:

  • Conduct security architecture reviews for applications, cloud environments, and IT systems to identify risks.
  • Perform threat modeling (e.g., STRIDE, PASTA, MITRE ATT&CK, DREAD) to assess potential attack vectors and weaknesses.
  • Analyze authentication, encryption, and access control mechanisms within application and system architectures.
  • Review security controls against industry standards and organizational policies (e.g., NIST, ISO 27001, OWASP, CIS Controls, TISAX).
  • Provide secure design recommendations to mitigate identified risks.
Application & Cloud Security Assessment:
  • Assess web, mobile, and cloud-based applications for security risks and misconfigurations.
  • Evaluate API security, microservices architectures, and containerized environments for vulnerabilities.
  • Validate implementation of IAM, Zero Trust, network segmentation, and encryption standards.
Security Risk & Compliance Evaluation:
  • Identify security gaps in applications and infrastructure and recommend compensating controls.
  • Ensure compliance with GDPR, SOC 2, PCI-DSS, ISO 27001, TISAX, and other relevant security frameworks.
Collaboration & Reporting:
  • Create comprehensive reports detailing identified risks, mitigation strategies, cloud specific controls, data flow diagram, trust zones, and improvement recommendations.
  • Collaborate with stakeholders to develop and refine the enterprise security architecture and threat modeling strategies.
Requirements
Qualifications & Experience:
  • Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
  • Over 9 Years of experience, including 3+ years of experience in security architecture review, threat modeling, and risk assessment.
  • Strong expertise in threat modeling frameworks such as STRIDE, PASTA, MITRE ATT&CK, OWASP ASVS.
  • Knowledge of cloud security (AWS, Azure, GCP), API security, and microservices architecture.
  • Familiarity with IAM, Zero Trust, MFA, RBAC, PAM, and network security principles.
  • Experience in secure SDLC, DevSecOps, and security assessment.
  • Hands-on experience with security assessment tools (e.g., Microsoft Threat modeling, Microsoft Visio).
  • Understanding of penetration testing methodologies, security misconfigurations, and application security risks.
Preferred Certifications:
  • CISSP (Certified Information Systems Security Professional)
  • CSSLP (Certified Secure Software Lifecycle Professional)
  • CCSP (Certified Cloud Security Professional)
  • AWS/Azure Security Certifications
  • CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional)

Skills Required

Beware of fraud agents! do not pay money to get a job

MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.


Job Detail

  • Job Id
    JD4440488
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Bangalore, Karnataka, India
  • Education
    Not mentioned
  • Experience
    Year