Lead Risk – Infrastructure Security

From 7 to 10 year(s) of experience
₹ Not Disclosed by Recruiter

Job Description

Roles and Responsibilities

  • Get Conducting appsec, source code review, VA and CA round the clock to release it for application installation.
  • Closing of Vulnerabilities and highlighting it into various committee meeting like IRMC, RMC
  • Maintaining MoM progress and Do through analysis and suggest patch management to priorities critical, high vulnerabilities to patch.
  • Provide solution for false positive.
  • Work towards 100% Coverage of Assets/application in VA tool, appsec and source code review program as per Calendar or Adhoc request of assessment.
  • Reviewing new, upgrade NPCI applications, IT applications 2.
  • Suggest IS recommendation
  • Before go-live review all IS process/ policy/ controls are deployed for particular project/ application.
  • Review/approve users requirements against various system access like ARCOS, Software installation, VPN, Proxy
  • Review/approve of network port , cloud port access for servers, applications
  • Service desk ticket to close within TAT of 3 days for the various above mentioned requirement
  • Risk Acceptance form (RAF) raised by application team on the residual risk to be compressively assess and put to superior.
  • Manage/ review IS compliance for the various entities like Banks, TPAPs, Merchants, ASPs etc
  • Run & monitored VA/CA program, Appsec, Source code review program using empanelled vendor as per monthly/annual/adhoc cycle
  • Update, upgrade existing tools and Assess/ POC of new technology tool
  • Weekly assess the activity assigned to team/ vendor

Educational Qualifications:

BE or BSc , MCA/M.Tec is preferable

He must be having any two of the Certifications like CISA, CISM, CEH, Microsoft Certifications, Cloud Certification.


  • Minimum 10 yr. of experience in carrying out infra security or Risk management profile with overall 15 + yrs. of total experience
  • Working knowledge on all tool and technologies like Nessus, nmap, Burpsuite, Checkmarx etc
  • Working Knowledge on minimum 5-7 Security Controls like AD, AV, Proxy, Firewall, IPS, DLP, NAC, Patch Management, DNS, VPN, ARCOS, EV-SSL, digital certificates, Honeypot, FW Analyzer etc.
  • Should have very good knowledge on Networking, Network OS, Databases & applications like tomcat, apcahe, IIS etc.
  • Technical sound and having through Domain knowledge.
  • Maintaining various Trackers, SOPs, Annual calendar etc.
  • Knowledge of technical writing is preferred to draft technology standards and Risk acceptance criterions.


UG:BCA in Any Specialization,B.Tech/B.E. in Any Specialization

Company Profile

National Payments Corporation of India

National Payments Corporation of India (NPCI), an umbrella organisation for operating retail payments and settlement systems in India, is an initiative of Reserve Bank of India (RBI) and Indian Banks’ Association (IBA) under the provisions of the Payment and Settlement Systems Act, 2007, for creating a robust Payment & Settlement Infrastructure in India.

The Company is focused on bringing innovations in the retail payment systems through the use of technology for achieving greater efficiency in operations and widening the reach of payment systems.

NPCI, has products like RuPay- debit, credit and prepaid cards, UPI(Unified Payments Interface), BHIM(Bharat Interface Money), AEPS(Aadhaar Enabled Payment Services), CTS(Cheque Truncation System), IMPS(Immediate Payment Services), NFS(National Financial Switch), NACH(National Automated Clearing House),NETC , Bharat Bill Pay, *99#.

For more detailed information on the Vision, Mission, Objectives and Products & Services. You can log on to https://www.npci.org.in/
Company Info
View Contact Details+

Contact Company:National Payments Corporation of India



Not Disclosed by Recruiter



Role Category:

IT Infrastructure Services


Infrastructure Architect

Employment Type:

Full Time, Permanent