Roles & Responsibilities:

Strategic
· Work with the IT Head and other stakeholders to develop a security program and security projects that address identified risks and business security requirements.
· Define metrics and reporting strategies that effectively communicate successes and progress of the security program.

Security Liaison
· Assist business owners and IT staff in understanding and responding to security audit failures reported by auditors.
· Provide security communication, awareness and training for audiences, across the organization

Architecture/Engineering Support
· Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
· Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.

Operational Support
· Coordinate, measure and report on the technical aspects of security management.
· Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements.

Initial Envisaged Roadmap
· Streamline the Information Security related processes in the organization and improve its Information Security posture
· Expectations to set-up a 24X7 Security Operations Center (SOC) to bring in the best-in-class infrastructure and solutions to assess vulnerabilities and prevent, detect, protect and predict any potential cyber threats

 

Location:

Mumbai

Branch:

Churchgate

Experience:

8 - 10 years

Salary Range:

As per industry standard

Functional Area:

IT/Technical Content Developer

Employment Type:

Permanent

Desired Candidate Profile:

· A minimum of 8-10 years of IT experience, with at least 5-8 years in an information security role and at least 5 years in a supervisory capacity

· A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred.

· Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x

· Strong project management skills and experience in creating and managing project plans, including budgeting and resource allocation.

· Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.

· Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.

· Strong analytical skills to analyze security requirements and relate them to appropriate security controls.

· Understanding of operating system internals and network protocols.

· Familiarity with the principles of cryptography and cryptanalysis.

· Experience in application technology security testing (white box, black box, code review, Simian Testing etc).

· Experience in system technology security testing (vulnerability scanning and penetration testing).