Purpose of the Job
The Security Assurance Manager supports the Head of Security Assurance in overseeing the execution of security assurance activities within the organization. This role assists in conducting security assessments, penetration testing, vulnerability scans, and evaluating the effectiveness of security controls. The Security Assurance Manager contributes to ensuring that the organization's security posture is robust and continuously improving, working closely with various departments to implement security best practices and remedial actions.
The overall purpose of this role is to:
- Manage security assessments, penetration testing, and vulnerability scans to identify and mitigate security risks.
- Participate in evaluating and enhancing the effectiveness of existing security controls, ensuring the organization's security measures are robust and continuously improving.
- Promote and enforce application security best practices during software development and deployment.
- Ensure cloud environments are secure through comprehensive cloud security assurance activities.
- Contribute to benchmark scanning, red/purple teaming exercises, and security awareness programs to foster a security-conscious culture within the organization.
Provide detailed reports and maintain thorough documentation of all security processes, findings, and remediation efforts.
Job Description
- Lead and manage comprehensive security assessments to identify and mitigate security risks.
- Oversee the planning and execution of penetration tests to uncover vulnerabilities in systems, applications, and networks.
- Analyze results and collaborate with technical teams to remediate identified vulnerabilities.
- Manage regular vulnerability scanning processes to detect security weaknesses.
- Assess the effectiveness of existing security controls and recommend improvements.
- Develop and implement strategies to enhance the organization’s security measures.
- Ensure that application security best practices are followed during the development and deployment of software.
- Conduct security reviews and provide guidance to development teams on secure coding practices.
- Oversee cloud security assurance activities to ensure cloud environments are secure.
- Collaborate with cloud operations teams to address security concerns and implement best practices.
- Conduct scanning to ensure compliance with security standards and best practices.
Job Requirements - Experience and Education
- Bachelor's degree in Information Security, Computer Science, or a related field.
- 4-6 years background in IT including conducting security assessments
- Proficiency in security assessment tools and methodologies.
- Understanding of security frameworks and standards (e.g., ISO 27001, NIST).
- Experience with cloud security best practices and technologies.
- Ability to work collaboratively with cross-functional teams.
Relevant security certifications such as CEH, OSCP, or similar.