Manager - Information Security Risk Management (VAPT)

1 month ago


Gurugram, India Max Life Insurance Company Limited Full time

Job Summary

The successful applicant will be responsible for assessing the security posture of existing and proposed systems, platforms, and processes to protect and continually improve the confidentiality, integrity, and availability of information systems in accordance with the MLI’s business

objectives, regulatory requirements, and strategic goals.


Key Responsibilities

  • Provide innovation within the context of the Vulnerability and Penetration Testing (VAPT) program in relation to both process and technology.
  • Design, implement, and support VAPT solutions identified as necessary for the protection of organization’s assets.
  • Serve as a Subject Matter Expert (SME) for the VAPT function.
  • Serve as the system owner for common VAPT toolsets, platforms, and processes.
  • Assess the sufficiency of policies, standards and procedures relative to VAPT best practices. Author standards and procedures designed to continually improve security posture.
  • Perform authorized attack surface reviews and penetration tests against specific targets at the direction of the CISO
  • Provide input into security risk assessments by leveraging specialized knowledge.
  • Work with DevSecOps team for continuous analysis and improvement.
  • Report compliance failures to management for immediate remediation.
  • Mentor junior members of the VAPT group and provide constructive consultation to other peer groups such as IT Development.
  • Assisting the Chief Information Security Officer in the fulfilment of responsibilities


Measures of Success

  • Ensure quality and timely VAPT execution in line with industry best practices
  • Compliance to regulatory obligations
  • Improving operational efficiency and knowledge within the IS team


Key Competencies / Skills Required

VAPT, Configuration Reviews, Network Architecture reviews, Ethical Hacking


Desired qualification and experience

  • Graduate/Post Graduate degree in Information management and security (pref. B. Tech/M.Tech/MS)
  • 5+ years of professional experience in information security with a focus on vulnerability assessment and penetration testing.
  • Extensive experience with common automated VAPT tools such as Nessus, Appscan, Burp Suite, Nipper etc. Proficiency with other common attack tools and frameworks such as Wireshark, Kali, and Metasploit, etc.
  • Ability to validate the presence of identified vulnerabilities with accuracy.
  • Must have the ability to perform targeted penetration tests without use of automated tools.
  • Capable of providing assistance with the preparation of internal training materials and documentation.
  • Passionate in the practice and pursuit of VAPT excellence
  • Knowledge of cloud technologies and cloud hosting (nice to have)
  • Relevant certifications CEH, ECSA, OSCP, OSCE is an added advantage
  • Strong Communication skills


  • Gurugram, India Max Life Insurance Company Limited Full time

    Job SummaryThe successful applicant will be responsible for assessing the security posture of existing and proposed systems, platforms, and processes to protect and continually improve the confidentiality, integrity, and availability of information systems in accordance with the MLI’s businessobjectives, regulatory requirements, and strategic goals.Key...


  • Gurugram, India Max Life Insurance Company Limited Full time

    Job Summary The successful applicant will be responsible for assessing the security posture of existing and proposed systems, platforms, and processes to protect and continually improve the confidentiality, integrity, and availability of information systems in accordance with the MLI’s business objectives, regulatory requirements, and strategic goals....


  • gurugram, India Max Life Insurance Company Limited Full time

    Job SummaryThe successful applicant will be responsible for assessing the security posture of existing and proposed systems, platforms, and processes to protect and continually improve the confidentiality, integrity, and availability of information systems in accordance with the MLI’s businessobjectives, regulatory requirements, and strategic goals.Key...


  • gurugram, India Max Life Insurance Company Limited Full time

    Job Summary The successful applicant will be responsible for assessing the security posture of existing and proposed systems, platforms, and processes to protect and continually improve the confidentiality, integrity, and availability of information systems in accordance with the MLI’s business objectives, regulatory requirements, and strategic goals. Key...

  • VAPT Engineer

    2 months ago


    Gurgaon/Gurugram, India Right Advisors Pvt. Ltd. Full time

    Exp : 3-6 YearsLocation : Gurgaon(WFO) Profile : VAPT(Vulnerability assessment and Penetration Testing)Qualification : B.Tech/B.Sc/BCAJob Description : We are seeking a highly skilled and motivated Vulnerability Assessment and Penetration Testing (VAPT) Specialist to join our dynamic cybersecurity team. The ideal candidate will be responsible for...


  • Gurugram, India Aviva India Full time

    Purpose: The jobholder is responsible for articulating and reporting the risk profile of the Company from an information and cyber security perspective through ongoing reviews, assessments, checks and challenges, providing assurance on enforcement of the IS/CS policies that Company is using to protect the information assets, provide specialist support to...


  • Gurugram, India Aviva India Full time

    Purpose: The jobholder is responsible for articulating and reporting the risk profile of the Company from an information and cyber security perspective through ongoing reviews, assessments, checks and challenges, providing assurance on enforcement of the IS/CS policies that Company is using to protect the information assets, provide specialist support to...


  • Gurugram, Haryana, India Right Advisors Private Limited Full time

    Exp:3-6 Yrs Budget - 18 LPA Location - Gurgaon(WFO) Profile: VAPT(Vulnerability assessment and Penetration Testing) Qualification: B.Tech/B.Sc/BCA **Key Responsibilities**: - Perform source code review, architecture review, configuration review assessment. - Conduct penetration tests to exploit identified vulnerabilities and assess the impact on the...


  • Gurgaon/Gurugram, India Randstad Digital Full time

    Hiring for Lead - Information Security, Risk and Audit ComplianceExperience : 6+ Years Location : Gurgaon (WFO)Need only Immediate Joiners Job Description : This is a full-time role for an Information Security Manager (Lead). The Information Security manager will be responsible for managing the information security program for PSS Systems and Services. ...


  • Gurugram, India Artiscien Software Solution Pvt.Ltd Full time

    Job Description:Monitoring 24*7 SOC/event log to ensure compliance with security policies.Keeping up to date with developments in IT security standards and threats.Performing cyber crises management and VAPT to find any flaws in application and infra.Identifying vulnerabilities in application & IT infra.Developing and implementing a comprehensive plan to...


  • Gurugram, India RiskBerg Consulting Full time

    Job Description:Responsible for managing delivery of ISMS and SOC2 projects, and driving technology risk and compliance activities in GRC domain for multiple customers. Job profile includes:Execute client facing consulting projects related to ISMS, IT Audit/ Assurance, SOC 2 and GDPRPerform Information Security and ITGC related assessments to cover domains...


  • gurugram, India RiskBerg Consulting Full time

    Job Description: Responsible for managing delivery of ISMS and SOC2 projects, and driving technology risk and compliance activities in GRC domain for multiple customers.   Job profile includes: Execute client facing consulting projects related to ISMS, IT Audit/ Assurance, SOC 2 and GDPR Perform Information Security and ITGC related assessments to cover...


  • gurugram, India RiskBerg Consulting Full time

    Job Description:Responsible for managing delivery of ISMS and SOC2 projects, and driving technology risk and compliance activities in GRC domain for multiple customers. Job profile includes:Execute client facing consulting projects related to ISMS, IT Audit/ Assurance, SOC 2 and GDPRPerform Information Security and ITGC related assessments to cover domains...


  • Gurugram, India RiskBerg Consulting Full time

    Job Description: Responsible for managing delivery of ISMS and SOC2 projects, and driving technology risk and compliance activities in GRC domain for multiple customers.   Job profile includes: Execute client facing consulting projects related to ISMS, IT Audit/ Assurance, SOC 2 and GDPR Perform Information Security and ITGC related assessments to cover...


  • Gurugram, India RiskBerg Consulting Full time

    Job Description:Responsible for managing delivery of ISMS and SOC2 projects, and driving technology risk and compliance activities in GRC domain for multiple customers. Job profile includes:Execute client facing consulting projects related to ISMS, IT Audit/ Assurance, SOC 2 and GDPRPerform Information Security and ITGC related assessments to cover domains...

  • Chief Manager

    2 weeks ago


    Gurugram, India Ananya Finance For Inclusive Growth Private Limited Full time

    Company Overview :Ananya Finance for Inclusive Growth Pvt. Ltd. (Ananya) is an NBFC set up by Friends of Women’s World Banking – India (FWWB) in 2009, intending to reach out to a large section of microfinance institutions (MFIs) and grass-root entities. Ananya is among the most responsible NBFCs in India with the urge and commitment to serve underserved...

  • Chief Manager

    2 weeks ago


    Gurugram, India Ananya Finance For Inclusive Growth Private Limited Full time

    Company Overview : Ananya Finance for Inclusive Growth Pvt. Ltd. (Ananya) is an NBFC set up by Friends of Women’s World Banking – India (FWWB) in 2009, intending to reach out to a large section of microfinance institutions (MFIs) and grass-root entities. Ananya is among the most responsible NBFCs in India with the urge and commitment to serve...


  • gurugram, India Aviva India Full time

    Purpose: The jobholder is responsible for articulating and reporting the risk profile of the Company from an information and cyber security perspective through ongoing reviews, assessments, checks and challenges, providing assurance on enforcement of the IS/CS policies that Company is using to protect the information assets, provide specialist support to...


  • gurugram, India Aviva India Full time

    Purpose: The jobholder is responsible for articulating and reporting the risk profile of the Company from an information and cyber security perspective through ongoing reviews, assessments, checks and challenges, providing assurance on enforcement of the IS/CS policies that Company is using to protect the information assets, provide specialist support to...

  • Information Security

    2 months ago


    gurugram, India VMock Full time

    Job Summary:We are seeking a highly motivated Information Security & Compliance Manager to join our dynamic team at VMock. You will leverage your technical expertise and communication skills to ensure our information security program meets or exceeds industry regulations and standards while directly addressing client concerns and requirements. You will be a...