Role | REPORTS TO
Governance Support | Manager / Senior Manager

BRIEF BACKGROUND

Hitachi Payment Services is a leading payment solutions provider in the country, enabling its customers to grow by offering technology-led cash & digital payment solutions while building a robust payment infrastructure in the country, driving financial empowerment and enabling social change. We cater to customers such as banks, payment aggregators and fintech players who are ready to capture the emerging opportunities in this payments segment.

PURPOSE OF JOB

The Information Security Manager is a critical role responsible for protecting the corporate network and ensuring the security, integrity, and high availability of our IT infrastructure. This individual will lead the daily operations of the Security Operations Center (SOC), manage security technologies, respond to incidents, and maintain a proactive defense posture against emerging threats.

KEY RESPONSIBILITIES

Key Responsibilities and Duties

The Information Security Manager will oversee and execute tasks across four core areas: Security Operations, Incident & Event Management, Threat and Vulnerability Management, and Network Reliability.

Security Operations & Incident Management

• Lead Daily SOC Operations: Oversee and participate in the daily activities of the Security Operations Center, including initial incident recognition and reporting by the Security Analyst team.
• Security Incident and Event Management (SIEM):
  o Own and manage the SIEM tool (ManageEngine): Collect log data from all network sources (servers, applications, network devices).
  o Deployment and Reporting (EventLog Analyzer): Responsible for deploying and configuring EventLog Analyzer and generating reports with it.
  o Configure and manage alert configuration within security tools.
  o Log Analysis: Conduct detailed log searches for specific information within the SIEM/EventLog Analyzer to support investigations.
  o Add new network devices and applications to ensure comprehensive log collection.
• Incident Response & Follow-up: Responsible for investigating security incidents.
  o Manage Incident Management procedures, including raising Service Request Forms (SRF) and ticket IDs.
  o Follow up with the Support team for incident resolution and escalations.
• System and Policy Monitoring:
  o Monitor for security events such as threat attacks, UDP floods, TCP port scans, and firewall policy violations.
  o Monitor user behaviors and identify network anomalies, system downtime, and policy violations.

Network & Traffic Security

• Network Protection and Availability: Responsible for protecting the corporate network and ensuring high availability of the network and link failover (e.g., managing network failover, router/switch downtime, and power redundancy).
• Traffic Management: Maintain email and web traffic reputation using the FortiAnalyzer tool, analyzing traffic to distinguish between legitimate email, spam, and malware attacks.
• IP Management: Responsible for blocking and blacklisting IP addresses identified as spam sources.
• Bandwidth Monitoring: Monitor network bandwidth utilization, including identifying websites consuming high bandwidth and tracking top sources/destinations via FortiAnalyzer.

Threat and Vulnerability Management

• Threat Intelligence: Track and disseminate information regarding the latest zero-day vulnerability reports, Microsoft patch advisory releases, security bulletins, and security updates.
• Vulnerability Assessment (VA): Responsible for creating policies and running VA scans using the Nessus scan tool.
• Policy Creation: Develop, implement, and maintain security policies and procedures.

Compliance and Audit

• Internal Audit: Responsible for coordinating and handling internal audits related to information security controls and practices.

QUALIFICATION/KNOWLEDGE/SKILLS/EXPERIENCE

Education & Experience

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• 5 years of experience in Information Security, with a minimum of 1 year in a lead or managerial role within a SOC environment.
• Relevant industry certifications (e.g., CISSP, CISM, CompTIA Security+, CEH) are highly desirable.

Technical Skills

• Expert knowledge and hands-on experience with SIEM solutions (specifically ManageEngine and EventLog Analyzer).
• In-depth experience with FortiAnalyzer for security monitoring and traffic reputation management.
• Proficiency in running and analyzing vulnerability scans using tools like Nessus.
• Strong understanding of network protocols, security architecture, and high-availability concepts (link failover, redundancy).
• Solid experience with incident management, log analysis, threat hunting, and security policy creation.