Overview

Description

  • Develop and maintain robust security controls to protect the business from security breaches/ incidents.
  • Deliver Security demand from the business for security controls.
  • Ensure operational performance to deliver security controls at optimum cost.
  • Maintain a good relationship with key stakeholders including business, other IT departments & security teams to deliver on security requirements timely and effectively.
  • Engage with auditors to acquire and retain certifications/ attestations
  • Support audits by timely response, escalation management, gap analysis, mitigation etc.
  • Lead internal reviews and assessment of solutions, processes, procedure and practice.
  • Conduct supplier Assessment to check their compliance with security schedule
  • Manage risk profile of the IT-systems
  • Drive education and awareness activities across platform and Enterprise IT.
  • Provide direction for Enterprise IT Security and Cybersecurity protection, and oversee Technology governance and policies.
  • Develops Enterprise IT Security strategy, awareness programs, be able to define security architecture, and security incident response.
  • Provides strategic risk guidance for IT projects, including evaluation and recommendation of technical controls.
  • Develops, maintains and publishes up-to-date security policies, standards and guidelines.
  • Evaluates new cybersecurity threats and IT trends and develops effective security controls.
  • Oversees development of security awareness programs.
  • Evaluates potential security breaches, coordinates response, and recommend corrective actions.
  • Define and report on information security KPIs.
  • Provides Security Project Management and leadership to staff and external resources in support of established goals and objectives, improved efficiencies, and problem resolution.
  • Maintains current knowledge of industry and regulatory trends and developments for the enterprise technology.
  • Specialized in a number of Security domains such as incident response, operational assessment of security posture, general security management.
  • Needs a thorough understanding of Security Management principles,  Security governance principles
  • Experience working with external stakeholders in law enforcement, audit, testing, investigations, and intelligence.
  • Monitor, evaluate and change the organization as needed to ensure success in managing Security
  • Organize the preparation of the security status dashboards including presentation to executive management.
  • Responsible for formulating long term security policy for their domain
  • Is responsible for the security schedules of major global contracts and the supplier integration and delivery of secure services as contracted.  This includes managing all service delivery components and coordination of supplier teams delivering services.

 You are a part of

  • Enterprise IT Security team working closely with Enterprise IT, IT Platform Leaders, CIO and CISO.
  •  To succeed in this role, you should have the following skills and experience

Soft Skills

  • Excellent English language communication skills, both verbal and written. Cross-cultural etiquettes, customer centric and collaborative mindset.
  • Works autonomously within established procedures and practices.
  • Good command on stakeholder management, judgement, conflict resolution, risk & mitigations.
  • Provide leadership to the global team at strategic, tactical, and operational level


Qualification

  • Bachelor’s or Master’s degree in Information Technology and or commensurate experience in delivering security solutions.
  • Overall Enterprise IT Security experience of 10+ years preferred.
  • Security Certifications such as CISSP, CISM, CISA, CIPP etc.
  • Should have senior level in the domain of Security & operations management
  • Absolutely trustworthy with high standards of personal integrity (demonstrated by an unblemished career history, lack of criminal convictions etc.), willing to undergo vetting and/or personality assessments to verify this if necessary
  • Typically, a background in technical security roles or operations, with a clear and abiding interest in security