IT Team Member-SUPPORT SERVICES-Information Risk Management Team
Kotak Mahindra Bank.com
Office
Mumbai, Maharashtra, India
Full Time
Department
Information Risk Management
Location
Kotak Infinity
Number of Positions
1
Position Grade
M5
- Conduct security architecture reviews and design reviews of web and mobile applications, APIs, infrastructures, security devices and identify security gaps.
- Provide recommendations for enhancing security controls.
- Follow-up with application/system owners to mitigate the identified security gaps within the provided timeline.
- Develop and enhance Application Security Standards, Secure coding practices, secure configuration guidelines, etc.
- Assist and provide responses to internal and external audits.
- Evaluate technologies for securing the web/mobile applications.
- Prepare dashboards and analytics for management review.
- Review Technical Unusual events and provide recommendation or suggestion to product/application team.
- Track major technical issues on daily basis.
- Track and maintain exception reports.
- Periodically prepare/modify presentation to management.
- Understand the risk types, possible controls for Solutions group (Products) and create risk registers.
- Help verify the risks identified by a process of self-assessment and discuss findings with the internal stakeholders.
- Help identify risk events on an ongoing basis for existing processes as well as new products, projects or changes contemplated to existing products and processes.
- Bachelor’s degree in any discipline.
- Minimum 10 years’ experience of working with IT risk, information security controls or risk management domains.
- Minimum 5 years of experience in Application security assessment/ architecture reviews.
- Knowledge of Application Security Standards such as OWASP, MITRE, etc.
- Knowledge of common application security flaws, threat modelling, security controls and common security libraries.
- Understanding of security principles including cryptography, access control, authentication, 2FA, system security, data flow, firewall, WAF etc.
- Excellent communication skills (written and verbal) with an ability to explain complex topics in a clear and concise manner to both technical and non-technical audiences
- Knowledge of Banking/ Lending Industry would be preferred.
- Knowledge of cloud services and cloud security controls preferred.
- Good analytical and presentation skills.
- Able to demonstrate a structured logical approach to problem solving.
- Ability to learn and quickly grasp new technologies/concepts.
- Security certifications preferred but equivalent knowledge would be considered.
IT Team Member-SUPPORT SERVICES-Information Risk Management Team
Office
Mumbai, Maharashtra, India
Full Time
August 6, 2025