Crisil

Director - Infosec

20-25 Years

This job is no longer accepting applications

  • Posted a month ago

Job Description

Role / Designation: Director Information Security

Job Level: 14A

Job location: Mumbai

Employment type: On-Roll

Reporting Manager: Chief Information Security Officer

Job Summary:

We are looking for an experienced Cyber Security professional with 20-25 years of hands-on experience to lead and manage the Attack Surface Reduction team, Red Team and Security Assurance team, along with driving the organization's AI security initiatives. The ideal candidate will be responsible for leading the Attack Surface Reduction team and guiding it on various activities related to VA, VAPT, SAST, DAST, SCA, etc. They will also be responsible for leading advanced red teaming assessments, managing and mentoring the red team, and driving the organization's offensive security initiatives to identify system weaknesses effectively. They will also be responsible for leading the Security Assurance team, which conducts in-depth reviews of all tools and processes used in the organization from an information security perspective.

Key Responsibilities:

Support CISO in managing information and cyber security related risks faced by the organization and in protecting the organization from malicious attacks and data breaches

Work as a Subject Matter Expert on Tech Sec problem solving and new initiatives

Lead various Security Technology teams, including the Attack Surface Reduction (ASR) Team, Red Team, Security Assurance Team, AI Security team, etc.

Provide guidance to the ASR team to improve thoroughness of testing and closure of identified vulnerabilities. Ensure timely closure of vulnerabilities through stakeholder management and prioritization.

Lead the Red Team by guiding it in developing attack strategy and custom exploits; identifying the right test cases, testing methodologies and exercises; identifying blind spots within the organization that the Infosec team has not yet reached to test their robustness; identifying fixes; and helping responsible teams fix the identified issues. Report the Red Team results to the right stakeholders.

Act as the Focal point of AI Security initiatives of the organization, to ensure Crisil is a front runner in AI adoption

Issue Resolution & Escalation: Handle escalations proactively and ensure timely resolution of security issues while keeping management informed.

Lead and Manage Security Assurance efforts: Establish and maintain a Technology Security Assurance program to protect the organization from external and internal attacks, in compliance with the Information Security and Cybersecurity Policy, Common Security Standards, Technical Security Standards, industry best practices and CISO Directives.

Team Management & Productivity: Mentor, manage, and monitor the productivity of the red team; foster effective communication and maintain a collaborative, efficient working environment.

Support CISO in the rest of the departmental activities as the Second in Command

Qualifications and Experience:

Bachelor's or Master's degree in relevant field of Engineering, viz., Computer Science, Cybersecurity, Information Technology or a related field

Relevant Management degree from a reputed institute

Overall 20-25 years of experience including hands-on experience in various Security Technologies

Experience in managing successful teams delivering value across various geographies

Key Skills:

Leadership and team management skills with ability to mentor and guide security professionals

Hands-on experience in various security tools and ability to validate team deliverables

Excellent analytical, problem-solving, and critical-thinking abilities.

Clear verbal and written communication skills suitable for technical and executive audiences

Confident in interacting with Crisil's leadership team and Board of Directors

Ability to work independently and in a collaborative environment

Preferred Certifications:

Offensive Security Certified Professional (OSCP)

Offensive Security Certified Expert (OSCE)

Certified Red Team Operator (CRTO)

GIAC Penetration Tester (GPEN)

Certified Ethical Hacker (CEH)

Certified Information Systems Security Professional (CISSP)

No. of Openings: 01


Job ID: 143917593