Hitachi Payment Services is a leading payment solutions provider in the country, enabling its customers to grow by offering technology-led cash & digital payment solutions while building a robust payment infrastructure in the country, driving financial empowerment and enabling social change. We cater to customers such as banks, payment aggregators and fintech players who are ready to capture the emerging opportunities in this payments segment.
PURPOSE OF JOB
The Information Security Manager is a critical role responsible for protecting the corporate network and ensuring the security, integrity and high availability of our IT infrastructure. This individual will lead the daily operations of the Security Operations Center (SOC), manage security technologies, respond to incidents and maintain a proactive defense posture against emerging threats.
KEY RESPONSIBILITIES
Key Responsibilities and Duties
The Information Security Manager will oversee and execute tasks across four core areas: Security Operations, Incident & Event Management, Threat and Vulnerability Management, and Network Reliability.
Security Operations & Incident Management
Lead Daily SOC Operations: Oversee and participate in the daily activities of the Security Operations Center, including initial incident recognition and reporting by the Security Analyst team.
Security Incident and Event Management (SIEM):
Own and manage the SIEM tool (ManageEngine): Collect log data from all network sources (servers, applications, network devices).
Deployment and Reporting (EventLog Analyzer): Responsible for deploying, configuring and generating reports using EventLog Analyzer.
Configure and manage Alert Configuration within security tools.
Log Analysis: Conduct detailed log searches for specific information within the SIEM/EventLog Analyzer to support investigations.
Add new network devices and applications to ensure comprehensive log collection.
Incident Response & Follow-up: Responsible for investigating security incidents.
Manage Incident Management procedures, including raising Service Request Forms (SRF) and ticket IDs.
Follow up with the Support team for incident resolution and escalations.
System and Policy Monitoring:
Monitor for security events such as threat attacks, UDP flood, TCP port scans and firewall policy violations.
Monitor user behaviors and identify network anomalies, system downtime and policy violations.
Network & Traffic Security
Network Protection and Availability: Responsible for protecting the corporate network and ensuring High Availability of Network & Link failover (e.g. managing network failover, router/switch downtime and power redundancy).
Traffic Management: Maintain Email & Web Traffic Reputation using the FortiAnalyzer tool, analyzing traffic to distinguish between legitimate email, spam and malware attacks.
IP Management: Responsible for blocking and blacklisting IP addresses identified as SPAM sources.
Bandwidth Monitoring: Monitor Network Bandwidth Utilization, including identifying websites consuming high bandwidth and tracking top sources/destinations via FortiAnalyzer.
Threat and Vulnerability Management
Threat Intelligence: Keep track of and disseminate information regarding the latest zero-day vulnerability reports, Microsoft patch advisory releases, security bulletins and security updates.
Vulnerability Assessment (VA): Responsible for creating policies and running VA scans using the Nessus scan tool.
Policy Creation: Develop, implement and maintain security policies and procedures.
Compliance and Audit
Internal Audit: Responsible for coordinating and handling Internal Audits related to information security controls and practices.
QUALIFICATION/KNOWLEDGE/SKILLS/EXPERIENCE
Education & Experience
Bachelor's degree in Computer Science, Information Technology or a related field.
5 years of experience in Information Security with min. 1 year in a lead or managerial role within a SOC environment.
Relevant industry certifications (e.g. CISSP, CISM, CompTIA Security+, CEH) are highly desirable.
Technical Skills
Expert knowledge and hands-on experience with SIEM solutions (specifically ManageEngine and EventLog Analyzer).
In-depth experience with FortiAnalyzer for security monitoring and traffic reputation management.
Proficiency in running and analyzing vulnerability scans using tools like Nessus.
Strong understanding of network protocols, security architecture and high-availability concepts (link failover, redundancy).
Solid experience with incident management, log analysis, threat hunting and security policy creation.
Required Experience:
Manager
Job Description
Role
REPORTS TO
Governance Support
Manager / Senior Manager
In the fast changing world of money and banking, we empower Banks, Fintechs and Aggregators with innovative and end-to-end payment solutions that create customer delight, drive profitability and most importantly, bring payment services closer to people.