Information Security Manager
Aviva India
full-time

Required skills: SIEM, Active Directory, compliance, cross-functional, incident response, key performance indicators, machine learning, network architecture, proxy, Root Cause Analysis

About the role
Aviva India
Website: avivaindia.com

Job details:

Key Responsibilities
- Lead and manage the response to security incidents, coordinating efforts between the GSOC and local SOCs.
- Lead the incident response team in identifying, managing, and resolving security incidents.
- Develop and maintain incident response plans, playbooks, and procedures.
- Coordinate with internal and external stakeholders to manage and communicate the response to security incidents.
- Conduct regular threat hunting, vulnerability assessments, and risk analyses.
- Coordinate and manage the response to security incidents, including detection, containment, eradication, and recovery.
- Develop, implement, and maintain SOC policies, procedures, and standards.
- Conduct comprehensive assessments of the Active Directory environment, including architecture, configuration, security, and performance.
- Identify vulnerabilities, misconfigurations, and areas for improvement in AD operations.
- Develop and recommend strategies for optimizing AD performance, security, and scalability.
- Lead the implementation and management of EDR solutions across the organization.
- Develop and enforce EDR policies, procedures, and best practices.
- SIEM use case fine tuning.
- Monitor and analyse EDR alerts to identify and respond to security incidents.
- Collaborate with IT and security teams to ensure the effective deployment and integration of EDR tools.
- Conduct root cause analysis and forensics on security incidents to prevent future occurrences.
- Lead the deployment, configuration, and management of the Tanium platform across the organization.
- Develop and maintain policies, procedures, and documentation for Tanium operations.
- Monitor and analyse Tanium data to identify security threats, vulnerabilities, and compliance issues.
- Develop and implement a robust DLP strategy to protect sensitive data from unauthorized access, use, disclosure, disruption, modification, or destruction.
- Manage and configure DLP tools and technologies to monitor, detect, and respond to data loss incidents.
- Monitor and analyse data loss incidents, providing detailed reports and recommendations for mitigation.
- Collaborate with IT, legal, compliance, and business units to ensure DLP initiatives align with regulatory requirements and organizational goals.
- Develop and deliver training programs to educate employees on data protection best practices and DLP policies.
- Conduct regular audits and assessments to ensure the effectiveness of DLP controls and compliance with policies.
- Knowledge of Proxy & MDM.

Key Skills
- Deep understanding of cybersecurity principles, including threat landscapes, risk management, and best practices.
- Knowledge of network architecture, firewalls, intrusion detection/prevention systems, VPNs, and encryption.
- Proficiency with security information and event management (SIEM) tools, vulnerability assessment tools, antivirus/malware protection, DLP, SOAR, Nessus, Tanium, EDR, encryption and endpoint security solutions.
- Experience in developing and implementing incident response plans, as well as handling and mitigating security breaches.
- Understanding of relevant regulations and standards (e.g., DPDP & ISO 27001) and ensuring the organization meets these requirements.
- Knowledge of ISMS.
- Ability to conduct risk assessments and develop strategies to mitigate identified risks.
- Ability to lead and manage a security team, including DLP and SOC.
- Managing changes to security policies, procedures, and technologies in a way that minimizes disruptions to the organization.
- Deep understanding of encryption technologies and cryptographic protocols to protect sensitive information.
- Establishing and tracking key performance indicators (KPIs) and metrics to measure the effectiveness of the security program.
- Leveraging AI and machine learning technologies to enhance threat detection and response capabilities.

Qualifications & Experience
- Bachelor’s degree in Computer Science, Information Technology, or related field.
- 10+ years of relevant experience.
- Deep understanding of cybersecurity principles, technologies, and best practices.
- Experience with network architecture, firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and encryption.
- Proven experience in developing and executing incident response plans, handling security breaches, and conducting post-incident reviews.
- Understanding of the specific security challenges and regulatory requirements within the insurance sector.
- Proficiency in conducting risk assessments, developing risk management strategies, and integrating risk considerations into security planning.
- Ability to work collaboratively with cross-functional teams and stakeholders at all levels of the organization.

Click on Apply to know more.