Sr. Manager

How will you contribute?

• Risk Management:
• Conduct comprehensive threat modelling to identify potential threats and vulnerabilities.
• Perform detailed risk assessments to evaluate the impact and likelihood of risks.
• Security by Design:
• Develop and implement secure design principles and practices.
• Ensure secure coding practices are followed by the development teams.
• Vulnerability Management:
• Lead regular security testing, including static and dynamic analysis and penetration testing.
• Evaluate and prioritize vulnerability fixes based on risk and impact.
• Identify and eliminate false positives to streamline remediation efforts.
• Compliance and Regulatory Adherence:
• Ensure products comply with relevant security standards and regulations.
• Maintain and update documentation and evidence of compliance.
• Support internal and external audit processes for the product.
• Incident Response:
• Develop and maintain product-specific incident response plans.
• Provide expert knowledge and support to the SOC (Security Operations Center) for effective incident management.
• Continuous Improvement:
• Stay updated with the latest security threats, technologies, and best practices.
• Continuously improve security practices and processes within the product development lifecycle

What will you bring?

• Education: A degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Certifications: Relevant cybersecurity certifications such as CISSP, CISM, CEH, or equivalent preferred.
• Experience in Cybersecurity: 10-15 years of experience in cybersecurity or related fields.
• Product Security Experience: At least 5 years of specific experience in product security, ideally in FinTech related roles.
• Leadership: Proven leadership skills with a minimum of 3-5 years in a managerial role, overseeing cybersecurity teams or projects.
• Technical Skills:
• In-depth knowledge of cybersecurity principles, secure coding, vulnerability management and risk assessment.
• Proficiency in modern cloud technologies (AWS, Azure, GCP), containerization (Docker), and orchestration (Kubernetes).
• Strong understanding of serverless computing, API security, OS hardening, SDLC and network security.
• Analytical Skills: Strong ability to analyze and mitigate security risks and vulnerabilities.
• Collaboration: Effective collaboration skills to work with cross-functional teams.
• Continuous Learning: Commitment to staying updated with the latest security trends and technologies.