Senior Manager

About the Company

Aditya Birla Global Trading (ABGT), is a part of US $60 billion Aditya Birla Group and a leading bulk commodity trading solutions provider to clients across the globe.

Incorporated in India in 2014, it has grown to achieve an annual turnover of over Rs.7000 Cr. and trading volumes in excess of 5 million tons per year. Powered by a strong professional team, we have the reach and scale to service our clients across the globe. Delivering both competitive rates and smooth transits with ethical business practices without compromising on quality & services. Our parent company having history of more than 45 years further adds to our strength.

About the Role

The Chief Information Security Officer (CISO) will lead the organization's global cybersecurity strategy, governance, and risk management programs. The role requires a visionary yet hands-on leader who can design and operationalize a resilient, compliant, and adaptive security posture across 25+ countries. The CISO will partner closely with business, IT, compliance, and risk leaders to ensure the confidentiality, integrity, and availability of enterprise data and technology assets while supporting digital transformation and regulatory requirements.

Key Responsibility Areas

The CISO will be responsible for establishing, implementing, and managing a comprehensive enterprise cybersecurity program across the following domains:

A. Strategy, Governance & Leadership

• Develop and execute the global cybersecurity strategy aligned with enterprise risk and digital transformation goals.

• Establish enterprise-wide information security governance, policies, and frameworks.

• Lead the global Information Security Steering Committee and report key metrics to the CIO and Board.

• Build and mentor a distributed security organization across regions and business units.

B. Risk Management & Compliance

• Oversee the enterprise information security risk management framework (ISRM).

• Ensure compliance with global standards (ISO 27001, NIST CSF, CIS, GDPR, SOX, HIPAA, etc.).

• Manage third-party/vendor security risk and due diligence processes.

• Support internal and external audits, and coordinate remediation.

C. Security Operations & Threat Management

• Oversee Cyber Security globally across all locations, including threat intelligence, monitoring, incident detection, and response.

• Lead the enterprise incident response program, ensuring rapid containment and recovery.

• Drive adoption of EDR/XDR, SIEM, SOAR, and automated threat response capabilities.

D. Identity, Access & Data Protection

• Ensure robust identity and access management (IAM) and privileged access management (PAM) controls.

• Oversee data protection, encryption, DLP, and privacy compliance programs.

• Collaborate with data governance and compliance teams to manage data lifecycle security.

E. Cloud & Infrastructure Security

• Define and enforce cloud security architecture for multi-cloud (AWS, Azure, GCP) environments.

• Ensure secure configuration management, network segmentation, and zero-trust principles.

• Manage vulnerability management, patch governance, and endpoint protection programs.

F. Application & Product Security

• Oversee secure software development lifecycle (SSDLC) practices.

• Establish DevSecOps capabilities for proactive vulnerability scanning and code review.

• Partner with product and engineering teams to embed security-by-design principles.

G. Business Continuity & Incident Preparedness

• Lead business continuity and disaster recovery (BCP/DR) planning and testing.

• Ensure crisis management readiness and conduct tabletop exercises with leadership.

H. Awareness & Culture

• Promote a strong security culture through awareness programs, training, and leadership engagement.

• Champion a risk-aware, security-first mindset across all business functions.

Education, Certifications & Experience

Education:

• Bachelor's or Master's degree in Computer Science, Information Security, Engineering, or related field.

Certifications (Preferred/Required):

• CISSP (Certified Information Systems Security Professional) – Required

• CISM (Certified Information Security Manager) – Required

• ISO 27001 Lead Implementer / Auditor – Preferred

• CEH, CCSP, CRISC, or equivalent advanced certifications – Preferred

Experience:

• 12–15 years of progressive experience in cybersecurity and IT risk management.

• Minimum 5 years in a leadership role (CISO/Deputy CISO/Security Head).

• Proven track record in implementing enterprise security programs across multiple geographies.

• Experience in industries like (Trading, FMCG, manufacturing, pharma, or financial) desirable.

• Strong understanding of global data privacy laws (GDPR, CCPA, etc.).

• Hands-on familiarity with modern security technologies, frameworks, and cloud environments.

Personal Attributes:

• Strategic thinker with operational execution excellence.

• Strong leadership and stakeholder management skills across business and IT.

• Exceptional communication and influencing skills, including Board-level reporting.

• High integrity, resilience, and ability to lead under pressure