• Own and manage the information security program for the organization
• Perform security incident management and reporting including RCA. This includes working with all stakeholders both internal and external
• Work with internal and external stakeholders in performing vulnerability assessments and penetration tests for the infrastructure (IT and Cloud); and application security testing (DAST SAST) for the product and track the findings to closure
• Work closely in integrating security tools, standards, and processes into the product lifecycle
• Perform BCP DR Testing
• Ensure compliance with contractual certification requirements like SOC1, SOC2, ISO27001, HIPAA, and PCI DSS from an Information Security perspective
• Manage and monitor security operations and related tools technologies
• Respond to security questionnaires in time.

What skills do I need

• Around 10+ years of relevant experience
• Experience in application security testing (OWASP top 10), vulnerability assessments and penetration testing
• Working knowledge in using DAST, SAST, VAPT tools
• Good understanding of Product Security (SaaS)
• Knowledge in Cloud Security
• Bug bounty program experience
• Understand application architecture controls design based on security standards and regulations such as NIST, PCI-DSS, ISO etc.
• Work as an Individual Contributor
• Very good understanding of Logging, Monitoring, Security Operations
• Working knowledge in SIEM tools
• Ability to perform Risk Assessments and Business Impact Analysis
• Experience in Security Incident Management
• Be Proactive, organized, analytical, detail-oriented and persistent
• Certifications preferred: CEH, CISSP, OSCP

Role: Manager Information Security

Industry Type: Software Product

Department: IT & Information Security

Employment Type: Full Time, Permanent

Role Category: IT Security

Education

UG: Any Graduate

PG: Any Postgraduate

Key Skills

• RCAI
• SO
• Nutrition
• Information security
• Analytical
• HIPAA
• Customer retention
• Incident management
• Security operations
• CRM

About company

Zenoti provides an all-in-one, cloud-based software solution for the spa, salon and med spa industry. The Zenoti platform is engineered for reliability and scale, harnessing the power of enterprise-level technology for businesses of all sizes.Zenoti power