Role Description

Security Assurance Manager, will lead the team to perform vulnerability assessment, vulnerability management and penetration testing on the infrastructure, systems and applications of SoftwareOne. Will also be expected to be the technical expert in the team and mentor juniors as well as create and present reports to management and stakeholders.

As a Security Assurance Manager

• Plans and oversees the delivery of testing services to determine whether infrastructure components, systems and applications meet confidentiality, integrity, authentication, availability, authorization, and non-repudiation standards.
• Reports on testing outcomes and activities.
• Provides recommendations and manages stakeholder expectations.
• Ensures compliance with assessment and testing standards, processes, and tools.
• Develops organizational testing capability and supports knowledge management.

 Manage VAPT Deliverables:

• Plan technology / resources for Assurance Team for successful execution of assurance function.
• Propose corrections and recommendations to improve and facilitate certification of software.
• Provide advice based on security VAPT considerations.
• Communicate the outcome of testing initiatives and results to the stakeholder groups.
• Approve documentation to certify penetration testing results.
• Develop frameworks and dashboards for the reporting of VAPT results.
• Oversee vulnerability assessment and penetration testing (VAPT) activities:
• Recommend strategies and techniques to mitigate identified risks.
• Design service strategies and scope for security testing technologies and solutions.
• Drive cyber security awareness within the organization.
• Recommend strategic and operational changes to security testing to address new threats.
• Provide advice on complex security test data analysis to support security vulnerability assessment processes, including root cause analysis.
• Establish test metrics to benchmark against requirements and industry best practices.
• Monitor the conduct of certification tests, audits, inspections and reviews.
• Act as an escalation point on issues, dependencies, and risks related to security testing.
• Lead team members to continuously improve testing capabilities
  Incorporate emerging security and risk management trends, issues, and alerts in
  penetration testing activities.

Manage people and organization:

• Review the utilization of resources.
• Implement succession planning initiatives for key management positions.
• Review operational strategies, policies and targets across teams and projects.
• Oversee the development of learning roadmaps for teams and functions.
• Establish performance indicators to benchmark effectiveness of learning and development programs against best practices.
• Develop strategies for resource planning and utilization.
• Assists with the development and maintenance of IT security measurement and reporting systems to aid in monitoring effectiveness of IT Security programs.
• Develop, revise and maintenance Standard Operating Procedures and Working Instructions of the SOC to the high standards and support/train VAPT Analysts.
• Develop and maintain good communications and working relationships with teams and external clients.