Sonata Software
Website: sonata-software.com
Job details:
SOID: SSL-26-27-196
Role: Tech PM
No of Open positions: 1
Total Exp: 13+ yrs
Highest Qualification: Any Engineering degree
Work Location: Noida (work from office 5 days a week)
Mode of Hire: Contract/Permanent
Rate Card (Max): Experience *2.5 X
Notice Period: Immediate
Rounds of interviews: 3 rounds
Skills Required
Minimum criteria to match the requirement
Primary Skills: PM with Cyber Risk Management, Corporate Audit, Technology Services, QA, Development, Architecture
Experience: 13+ years
Role Description
Key Responsibilities:
Cyber Remediation Leadership
- Lead end-to-end technical project management for cybersecurity remediation initiatives including vulnerabilities, misconfigurations, and control gaps
- Ensure timely, risk-prioritized delivery of remediation projects
- Translate cyber requirements and control objectives into actionable workstreams, acceptance criteria, test plans, and measurable remediation steps
- Coordinate response and resolution of security incidents within defined SLAs
Cross-Functional Coordination
- Serve as the central point of accountability for project scope, schedule, budget, and risks
- Coordinate cross-functional teams (Development, DevOps, QA, Security, Audit, Operations)
- Run technical working groups and facilitate collaboration between technical and non-technical stakeholders
- Escalate blockers appropriately and remove impediments to project delivery
SDLC & Quality Integration
- Integrate control objectives into the Software Development Life Cycle (SDLC) and CI/CD release pipelines
- Drive design changes, code fixes, configuration updates, automated tests, and regression testing to validate controls
- Drive continuous improvement in software quality practices including test automation, static/dynamic analysis, CI/CD quality gates, code review standards, and release governance
Governance & Reporting
- Establish and report key performance indicators (KPIs) and dashboards tracking remediation SLAs, defect escape rates, control effectiveness, and test coverage
- Communicate status, blockers, and impact clearly to leadership and Governance/Risk/Compliance (GRC) stakeholders
- Ensure alignment with relevant GRC requirements and maintain up-to-date control mappings
- Prepare executive-level risk dashboards and metrics providing transparency into security posture
Risk & Compliance Management
- Work with GRC teams to assess and document security risks across products, applications, and systems
- Collaborate with remediation owners to develop and track resolution plans based on risk severity and business impact
- Ensure compliance with regulatory and industry obligations (PCI-DSS, SOC 2, ISO 27001, NIST CSF)
Mandatory Skills
5+ years of technical project/program management experience in an enterprise environment
Cybersecurity Expertise
- Hands-on understanding of security vulnerabilities, remediation processes, and common mitigation patterns (patching, configuration changes, secure coding fixes)
- Experience with vulnerability management platforms and GRC tools
- Knowledge of security frameworks (NIST CSF, ISO/IEC 27001, CIS Controls)
SDLC & DevOps
- Practical experience with Software Development Life Cycle (SDLC)
- Experience with DevOps/CI/CD pipelines and automated testing practices
- Understanding of software quality engineering principles
Project Management
- Proven ability to define scope, prioritize work, remove blockers, manage timelines, and report progress with concise metrics
- Strong stakeholder management and cross-functional leadership skills
- Experience running technical working groups and Agile ceremonies
Tools & Platforms
- Proficiency with ticketing and orchestration tools (JIRA, ServiceNow)
- Experience with GRC or vulnerability management platforms (Archer, Tenable, Qualys, Rapid7)
- Familiarity with collaboration tools (Confluence, SharePoint, MS Teams)