Asst Manager - L2Shift 24x7Location - MumbaiThe role is responsible for implementing and managing a Hybrid Security Service Edge (H-SSE) framework with Zero Trust Network Architecture (ZTNA) for bank. The candidate will ensure the solution is secure, scalable, resilient, highly available, and compliant with RBI, CERT-In, Indian IT laws, foreign regulatory mandates (where applicable), and bank Information Security Policy Framework.Key Responsibilities1. H-SSE & Zero Trust Architecture- Implement Hybrid SSE architecture combining cloud-based SSE and on-prem security controls. - Implement Zero Trust Network Architecture (ZTNA) with identity-based, role-based, and context-aware access. - Define architecture for local internet breakout across bank branches and offices. - Ensure high availability, redundancy, disaster recovery, and scalability.2. Cloud-Based Security Service Edge- Deploy and manage Cloud-based SSE to secure user access to: - Internet websites - Cloud applications - SaaS platforms - Implement advanced security controls including: - Secure Web Gateway (SWG) - CASB - Firewall-as-a-Service (FWaaS) - Advanced Threat Protection - URL filtering and malware protection3. On-Premises Secure Web Gateway- Design and operate On-Prem Secure Web Gateway (SWG) for: - Critical servers - Internet-facing systems - Integrate on-prem SWG with cloud SSE for unified policy enforcement.4. Cloud-Based VPN / Private Application Access- Implement Cloud-based VPN / Private Application Access for secure access to bank’s internal systems. - Enable role-based and least-privileged access to applications. - Ensure seamless integration with IAM, MFA, and device posture checks.5. Data Loss Prevention (DLP)- Implement DLP controls for internet and private application access. - Prevent leakage of Bank’s sensitive data and PII in compliance with: - RBI guidelines - CERT-In directives - Data privacy and localization mandates - Define and enforce data classification and protection policies.6. Local Internet Breakout & Global Offices- Enable local internet breakout from branches/offices routed via H-SSE. - Plan and execute migration of Internet Proxies at 10 foreign offices to H-SSE. - Ensure compliance with country-specific regulatory requirements for foreign locations.7. Compliance & Governance- Ensure compliance with: - RBI, CERT-In, and Indian IT Act - Applicable foreign regulatory and statutory mandates - Bank Information Security Policy Framework - Support audits, VA/PT, regulatory inspections, and compliance reporting.8. Managed Services & Operations- Provide 24x7 managed security services including: - Monitoring - Incident response - Policy management - Change management - Define SLAs, KPIs, SOPs, and escalation matrices. - Coordinate with bank stakeholders, OEMs, and internal teams.Technical Skills Required- SSE / SASE platforms (Zscaler, Palo Alto Prisma, Netskope, Forcepoint, etc.) - Zero Trust / ZTNA architecture - Secure Web Gateway (Cloud & On-Prem) - VPN, Private Access, Remote Access Security - DLP (Endpoint, Network, Cloud) - IAM, MFA, SSO integration - Network Security (Firewalls, Proxies, Routing) - High Availability & DR design - Compliance & Audit supportEducational Qualification:-1. BE / ME (Computer / IT & Allied Branches / ECE)2. B. Tech / M. Tech (Computer / IT / ECE)3. MCA4. MSc (Computer / IT & Allied BranchesOEM / Professional Certification for Cloud SolutionCCSP / AZ-305 (Azure Solutions Architect Expert) / AWS Certified Solutions Architect / GCP Professional / OEM Certificates at least professional/advanced/expert level / OEM relevant Certification on SSEIndustry Experience for Cloud / SSE Solution5+ years of total experience out which 3 years of relevant experience in implementing and managing the SSE solution.
Job Title
Assistant Manager