Head of Information Security

The Head of Information Security (equivalent to CISO role) in Bangalore is responsible for creating and maintaining the enterprise vision, strategy, and program to protect the organization's information assets" integrity, availability, and confidentiality. This key leadership role involves implementing and managing comprehensive security measures and practices. The individual will lead a team of security professionals, develop and execute a robust cybersecurity framework, and collaborate with different departments to mitigate risks effectively. The primary responsibilities include developing and implementing an information security strategy aligned with organizational goals, establishing and maintaining security policies and procedures, managing IT security budget, and monitoring key security metrics for compliance and effectiveness. The Head of Information Security will oversee the design and implementation of a resilient security architecture, evaluate security technologies and tools, and collaborate with technology partners to integrate security into new systems. In terms of security operations, the individual will oversee day-to-day security infrastructure operations, develop incident response plans, conduct security, risk, and vulnerability assessments, and lead incident response efforts in case of security incidents. Keeping abreast of security threats and trends, identifying vulnerabilities, conducting security audits, and managing third-party security risks are also essential responsibilities. Ensuring compliance with relevant laws, regulations, and industry standards, such as ITIL, ISO, NIST, and others, leading audits and assessments, and integrating security practices into daily operations are crucial aspects of the role. Collaborating with internal and external stakeholders, conducting security awareness and training programs, and leading OT/ICS cybersecurity initiatives are also part of the responsibilities. The ideal candidate should have a post-graduate or bachelor's degree in engineering with 18-22 years of work experience, including 7-10 years in leading a cybersecurity organization. Knowledge of IT-related regulatory requirements, industry best practices, and security certifications like CISA, CISSP, CISM, and ISO 27001:2013 LA are highly desirable. Familiarity with security technologies, excellent communication skills, and industry-specific knowledge in Healthcare or Pharma sectors are preferred qualifications for this role.,