Assistant Vice President - Vulnerability Management

Posted Yesterday
Be an Early Applicant
Gurugram, Haryana, IND
In-Office
Senior level
Fintech • Software • Financial Services
The Role
Lead and run the vulnerability assessment, penetration testing and patch management programs. Develop frameworks, prioritize and remediate vulnerabilities, manage vendors, ensure compliance with security standards, report metrics to leadership, and improve overall security posture across IT assets.
Summary Generated by Built In

About Us

SBI Card is a leading pure-play credit card issuer in India, offering a wide range of credit cards to cater to diverse customer needs. We are constantly innovating to meet the evolving financial needs of our customers, empowering them with digital currency for seamless payment experience and indulge in rewarding benefits. At SBI Card, the motto 'Make Life Simple' inspires every initiative, ensuring that customer convenience is at the forefront of all that we do. We are committed to building an environment where people can thrive and create a better future for everyone.

SBI Card is proud to be an equal opportunity & inclusive employer and welcome employees without any discrimination on the grounds of race, color, gender, religion, creed, disability, sexual orientation, gender identity, marital status, caste etc. SBI Card is committed to fostering an inclusive and diverse workplace where all employees are treated equally with dignity and respect which makes it a promising place to work.

Join us to shape the future of digital payment in India and unlock your full potential.

What’s in it for YOU

  1. SBI Card truly lives by the work-life balance philosophy. We offer a robust wellness and wellbeing program to support mental and physical health of our employees
  2. Admirable work deserves to be rewarded. We have a well curated bouquet of rewards and recognition program for the employees
  3. Dynamic, Inclusive and Diverse team culture 
  4. Gender Neutral Policy
  5. Inclusive Health Benefits for all - Medical Insurance, Personal Accidental, Group Term Life Insurance and Annual Health Checkup, Dental and OPD benefits
  6. Commitment to the overall development of an employee through comprehensive learning & development framework

Role Purpose 

Responsible for implementing and managing Infrastructure vulnerability tools and processes to reduce technical risks due to vulnerabilities, including identifying and evaluating vulnerabilities and supporting remediation activities. This role is also responsible for leveraging expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT landscape across SBIC Card environment.

Role Accountability 

  1. Lead the Vulnerability Assessment, Penetration Testing & Patch Management Program in support of the functional & company strategy, goals, and performance objectives
  2. Manage development, implementation, and effectiveness of vulnerability management and security testing programs, initiatives, and capabilities
  3. Assist with planning, providing input on capabilities and methods used for vulnerability management and security testing, and driving improvements
  4. Develop Vulnerability management framework, support compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risks
  5. Provide technical expertise for information security policies and standards
  6. Conduct vulnerability assessments and penetration testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience
  7. Perform vulnerability risk profiling and prioritization of vulnerabilities
  8. Identify, research, validate, and exploite various different known and unknown security vulnerabilities on server and client side
  9. Perform regular status reviews with IT asset owners & senior leadership to ensure compliance with InfoSec policies
  10. Coordinate patch management/Remediation activities for all IT assets (workstations, network, server, application, database etc.)
  11. Develop and Monitor patch deployment schedules for all Vulnerability assessments and penetration testing on an ongoing basis as well as auditing for completeness
  12. Provide communications across the organization, interfacing with senior leadership on vulnerability remediation, driving security hardening best practices, and representing the Vulnerability and Patch Management team
  13. Maintain relationship with managed security services vendor leadership to ensure effective implementation and operation of security programs, ongoing support and deployment of competent resources
  14. Oversee the development, implementation and maintenance of vendor standard operating procedures/ run book in line with SBI Card policies & standards
  15. Provide technical & program management expertise and oversight over vendor teams
  16. Monitor vendor SLAs, perform regular review with vendor management and report to SBI Card leadership
  17. Ensure process documentation and compliance adherence

Measures of Success 

  1. Reduction in security vulnerabilities in SBI Card IT platforms
  2. Number of enhancement opportunities identified for the security posture to reduce overall risk to SBI Card
  3. Reduction in information leakage and exploitation from vulnerabilities
  4. Security metrics / SLA / KPIs are within acceptable threshold
  5. Timely updation of Application Security & Vulnerability Management related standards and SOPs and other documents 
  6. No adverse observations in Internal / External Audits 
  7. Process Adherence as per MOU

Technical Skills / Experience / Certifications 

  1. Understanding of Vulnerability Management Program including Assessment and Remediation
  2. Experience analyzing risk and prioritization of vulnerabilities, validating vulnerability reports and driving remediation.
  3. Understanding of the overall threat and vulnerability management process, including metrics to measure performance
  4. Working knowledge of compliance frameworks and security management standards (e.g., ISO 27001, NIST CSF. PCI-DSS etc.)
  5. Thorough understanding of enterprise security controls, network protocols and operating system (Windows/Linux environments)
  6. Strong knowledge in industry standard VAPT tools like Nessus, Rapid7, AWS Inspector and open source tools

Competencies critical to the role

  1. Stakeholder Management 
  2. Analytical ability 
  3. Innovation & Problem Solving
  4. Market Awareness

Qualification 

Bachelor of Engineering in Computer Science / Engineering, Masters in Computer Science

Preferred Industry

BFSI / NBFC /E-commerce/IT & ITES / Telecom

Skills Required

  • Understanding of Vulnerability Management Program including Assessment and Remediation
  • Experience analyzing risk and prioritization of vulnerabilities, validating vulnerability reports and driving remediation
  • Understanding of the overall threat and vulnerability management process, including metrics to measure performance
  • Working knowledge of compliance frameworks and security management standards (ISO 27001, NIST CSF, PCI-DSS)
  • Thorough understanding of enterprise security controls, network protocols and operating system (Windows/Linux environments)
  • Strong knowledge in industry standard VAPT tools like Nessus, Rapid7, AWS Inspector and open source tools
  • Bachelor of Engineering in Computer Science / Engineering
  • Masters in Computer Science
  • Experience in BFSI / NBFC / E-commerce / IT & ITES / Telecom (preferred industry)
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Calcutta
24,089 Employees

What We Do

SBI Card was launched in 1998 with the State Bank of India, India's largest bank, as the majority stakeholder. In March 2020, SBI Card was listed on BSE and NSE. Today, SBI Card is India’s largest pure-play credit card issuer with over 20 million cards in force, as of December 2024. Its wide array of products and services caters to a diverse range of customer segments across India, right from new-to-credit to super premium. The SBI Card brand is based on the value proposition of 'Make Life Simple'. The proposition manifests in SBI Card’s continuous efforts to simplify the lives of its customers, employees and other key stakeholders. Customer-centricity, supported by the values of trust and transparency, is core to SBI Card’s ethos.

Similar Jobs

CrowdStrike Logo CrowdStrike

Automation Engineer

Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Remote or Hybrid
India
10000 Employees

Ericsson Logo Ericsson

Consultant

Cloud • Information Technology • Internet of Things • Machine Learning • Software • Cybersecurity • Infrastructure as a Service (IaaS)
In-Office
3 Locations
88000 Employees

Ericsson Logo Ericsson

Global Resilience Consulting Lead

Cloud • Information Technology • Internet of Things • Machine Learning • Software • Cybersecurity • Infrastructure as a Service (IaaS)
In-Office
3 Locations
88000 Employees
15-15 Annually

Ericsson Logo Ericsson

Consultant

Cloud • Information Technology • Internet of Things • Machine Learning • Software • Cybersecurity • Infrastructure as a Service (IaaS)
In-Office
4 Locations
88000 Employees

Similar Companies Hiring

Hanover Park Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
42 Employees
Kepler  Thumbnail
Fintech • Software
New York, New York
6 Employees
Onshore Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
60 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account