The ideal candidate will possess a strong understanding of information security across key domains, including infrastructure, network security, endpoint protection, and data privacy. They should have extensive knowledge and hands-on experience with ISO 27001 standards, enabling them to implement and maintain robust security frameworks. Success in this position depends on solid organizational, analytical, and communication skills, ensuring seamless coordination and collaboration with cross-functional teams to achieve security objectives effectively.
Experience: 10 - 14 years
Certification: PMP, PPM, CSM, etc.
Responsibilities:
- Manage IT/Security projects, with hands-on involvement in project planning, execution, and delivery.
- Document and develop security policies, procedures, risk and controls matrices, KPIs, risk treatment plans, and security roadmaps.
- Conduct vendor risk assessments and provide a comprehensive view of risk exposure from outsourcing activities.
- Oversee projects related to Security standards, ensuring efficient implementation and adherence to security protocols.
- Support teams in reviewing and implementing Information Security controls across multiple areas:
  - Privilege and User Identity Access Management.
  - Incident Management processes and SLA performance monitoring.
  - Business Continuity Planning (BCP), Disaster Recovery (DR) planning, and backup/restoration process.
  - Endpoint protection, antivirus management, asset management, information handling, and data protection.
- Evaluate and deploy tools and technologies such as IAM, SIEM, DLP, EDR, etc.
Key Responsibilities:
- Expertise in information security domains, including infrastructure, network security, endpoint protection, and data privacy strategies.
- In-depth knowledge and hands-on experience with ISO 27001 standards to implement and maintain security frameworks.
- Conduct detailed risk assessments, particularly focused on vendor management and outsourcing risks, to identify and mitigate potential threats.
- Collaborate across teams, leveraging strong organizational, analytical, and communication skills to ensure alignment with security objectives.