CareerStation
AC

Security Lead

Acme Services
Mumbai10-17 LPA Posted 21 Jul 2025
FULL TIME
Devops
Ceh
Cism
Oscp
Cissp
+2 more

Job Description

Key Responsibilities:

Security Strategy & Governance:

  • Develop, implement, and maintain security policies, procedures, and controls.
  • Support the CISO in building a comprehensive security program aligned with business goals.
  • Ensure compliance with standards such as ISO 27001, NIST, GDPR, and relevant local regulations.

Threat & Vulnerability Management:

  • Identify, assess, and mitigate security risks across networks, systems, applications, and cloud environments.
  • Lead vulnerability assessments, penetration testing, and security audits.
  • Monitor threat intelligence feeds and respond to emerging threats.

Incident Response & Investigation:

  • Lead incident response efforts, including containment, root cause analysis, and remediation.
  • Develop and maintain an incident response plan and conduct regular tabletop exercises.
  • Document incidents and report findings to management and regulatory bodies when needed.

Team Leadership & Collaboration:

  • Supervise security analysts/engineers and coordinate with cross-functional IT and business teams.
  • Mentor junior team members and promote a culture of security awareness.
  • Work with infrastructure, application, and network teams to integrate security best practices.

Tools & Technology Management:

  • Manage and optimize security tools such as SIEM, DLP, EDR, firewalls, and IAM solutions.
  • Evaluate and onboard new security technologies and services as required.

Training & Awareness:

  • Drive company-wide security awareness and training initiatives.
  • Educate staff on phishing, social engineering, password hygiene, and data protection.

Key Requirements:

  • Education:
  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • Master's degree or MBA in Information Security or IT Management is a plus.
  • Certifications (preferred):
  • CISSP, CISM, CEH, OSCP, ISO 27001 LA, or similar.
  • Experience:
  • 6–10 years of experience in information security, with at least 2–3 years in a lead or managerial role.
  • Skills:
  • Deep understanding of cybersecurity frameworks and principles
  • Experience with security monitoring, forensics, and incident response
  • Knowledge of secure software development (DevSecOps), cloud security (AWS, Azure), and network security
  • Strong communication, leadership, and stakeholder management skills
  • Ability to handle pressure in fast-paced environments

Required Skills

DevopsCehCismOscpCisspAzureAws
Join WhatsApp Channel