IT Infrastructure Information Security Manager

5 - 8 Years

you’ll be our: Information Security Manager

you’ll be based at: IBC Knowledge Park, Bengaluru

you’ll be Aligned with: Head- IT

you’ll be a member of:IT Team

What you’ll do at Ather:

  • Contribute to security strategy, vision and roadmap

  • Define and iterate upon security policies based on best security practices and its implementation

  • Create and foster a security culture in cloud operations and development

  • Collaborate with Engineering and Operations teams to address security vulnerabilities and risks.

  • Advocate Security best practices throughout Ather

  • Advise product and operations teams on product and infrastructure security as the Security subject matter expert (SME)

  • Automation of vulnerability assessments and other security related SecOps tasks

  • Hands-on technical expertise in building scripts, tools, or methodologies that enhance threat detection and incident response capabilities. 

  • Strong knowledge of GCP (Google Cloud)/AWS products and Cloud services. 

  • Expertise in maintaining security posture, Vulnerability Management. 

  • Understanding of GCP native security controls and third party security controls fundamental Understanding of overall cloud security 

  • Previous experience with at least of following: Cloud Security Consulting & Architecture, cloud security solutions covering public, private and hybrid cloud platforms, Build and orchestrate cloud security strategy plans and roadmap in line with Ather security framework and industry best practices

  • Produce and present security reports for management

  • Take part in red-team and offensive security exercises where applicable

  • Develop incident response playbooks, respond to the incident, containment steps in collaboration with internal and external stakeholders, collect digital evidence related to incidents, ability to perform investigation for incident, training, analysis and legal proceedings. timely identification of threats and mitigation.

  • Manage the day-to-day activities of threat and vulnerability management including Vulnerability Assessment (VA), Penetration Testing (PT), Application security assessment (Appsec), Firewall Rule Base review

  • Develop, review and update hardening standards and guidelines.

  • Collaboratively work with application engineering / architect / development / product teams and guide them to follow the Security gates set as per application security process

  • Evaluate application security processes as it relates to application, risk management, threat modelling, security testing, compliance, penetration testing, and security tooling and provide process governance

Here’s what we are looking for: 

  •  Strong knowledge on Endpoint protection (Endpoint Detection and Response), Intrusion detection and prevention systems (IPS/IDS) , Managed Detection and Reaction(MDR), Security Automation and Orchestration (SOAR), Cloud Security Advisory, Key Management / Tokenization, certificate management, DevOps Security, Container and Micro services security

  • Technical expertise in designing, building, assessment and operating enterprise/cloud security solutions, such as WAF, CASB, SAST, DAST, IAST, IPS, Anti-DDoS, and SIEM.

  • Strong knowledge in malware analysis and the ability to conduct a detailed analysis of various security-related events like Phishing, Malware, DoS/DDoS, Application-specific Attacks, Ransomware etc

  • Proficiency with any of the following: EDR, Anti-Virus, Vulnerability Management, HIPS, NIDS/NIPS, Full Packet Capture, Host-Based Forensics, Network-Based Forensics, and Encryption

  • Exposure to the Application Security Vulnerabilities (OWASP Top 10), security testing methodologies and related tools such as Fortify, WebInspect, BurpSuite

  • Programming experience (Java/J2EE, JavaScript, AJAX, PHP, Python) will be an added advantage

  • Certificates: CCSA,CISSP, CISM, CISA, CRICS, CEH,, CCNA - Security, CompTIA Security

  • Knowledge of ISO27000 series, PCI-DSS, ITIL standards, Personal Data Protection

You bring to Ather:

  • 5 to 8 years of relevant experience in the eCommerce/B2C/BFSI industry

  • Graduate in Computer Science with certifications in CEH/ CISSP/CCSP/CHFI

Enter Details