Experience: 7-10 years
State: Haryana

Roles and Responsibilities

The position is responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise.

Strategic Support and Management

  • Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure the integrity, confidentiality, and availability of information owned, controlled, or processed by the organization.
  • Develop, maintain, and publish up-to-date information security policies, standards, and guidelines. Oversee the approval, training, and dissemination of security policies and practices.
  • Create, communicate, and implement a risk-based process for vendor risk management, including the assessment and treatment of risks that may result from partners, consultants, and other service providers.
  • Develop and manage information security budgets and monitor them for variances.
  • Create and manage information security and risk management awareness training programs for all employees, contractors, and approved system users.
  • Create a framework for roles and responsibilities regarding information ownership, classification, accountability, and protection.
  • Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
  • Liaise with the enterprise architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures.
  • Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data, and the company’s reputation.
  • Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.

Security Liaison

  • Liaise among the information security team and corporate compliance, audit, legal and HR management teams as required.
  • Manage security issues and incidents, and participate in problem and change management forums. Ensure timely reporting of ICT security incidents and adequate participation in their investigation.
  • Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.
  • Work with the IT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.

Architecture Support

  • Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
  • Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools.
  • Work with the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements; liaise with IT management to align the existing technical installed base and skills with future architectural requirements.

Skills and Qualifications

A minimum of eight years of IT experience, with five years in an information security role and at least two years in a supervisory capacity

A bachelor’s degree in technology/information systems (B.Tech) or equivalent
