Information Security Lead

About Us :

We reimagine the way enterprises work for the better. Enabling our clients to innovate on business models and drive game-changing efficiency with best-of-breed digital platforms.

Our digital platforms help clients capitalize on the inherent power of a connected enterprise. We do this by amplifying the human potential, crafting connected customer journeys, and exploiting the power of value networks.

owered by native AI and automat

Key Responsibilities :

Leadership and Management :

- Lead, mentor, and develop a high-performing team of security professionals.

- Foster a culture of innovation, collaboration, and continuous improvement.

- Recruit and onboard talented security engineers to strengthen the team.

- Develop and implement the company's security policies, procedures, and best practices to protect public cloud environments.

- Provide strategic direction and oversight for the information security function and initiate relevant projects.

Technical Expertise :

- Oversee the deployment, configuration, and management of appropriate security tools.

- Ensure robust security measures are in place to protect cloud infrastructure and applications.

- Assess new security solutions and tools considering the rapidly evolving threat landscape and business needs.

Collaboration and Communication :

- Collaborate with cross-functional teams to integrate security measures into business processes.

- Communicate security policies and procedures to stakeholders and ensure adherence.

- Engage with clients in pre-sales and post-sales scenarios to effectively demonstrate the company's security posture to clients and prospects.

- Define incident response plans, manage security incidents, and respond appropriately.

- Manage relationships and negotiate contracts with security vendors and partners.

- Review client contracts for information security clauses to ensure the best interests of the company.

Governance, Compliance and Risk Management :

- Ensure compliance with relevant laws, industry standards, and regulations such as PCI DSS, GDPR, APRA, DORA, DPDPA, SOC 2, etc.

- Conduct and support regular security assessments, audits, and compliance checks to identify and mitigate risks.

- Prepare and present security reports to senior management and stakeholders.

Qualifications :

- Education : Bachelors or Masters degree in Information Security, Computer Science, or a related field.

- Certifications : CISM or CISSP certification is highly desirable.

- Experience : 18+ years of experience in security management, with at least 5 years in a senior role.

Skills :

- Strong leadership and team management skills.

- Knowledge of enterprise IT security technologies, including but not limited to Cloud Security, Firewalls, network security, Encryption, Authentication, IAM, Web Application Firewalls (WAFs), Privileged Access Management (PAM) etc.

- Application Security and DevSecOps experience

- Excellent communication and interpersonal skills.

- Proven ability to define incident response plans, manage security incidents and respond as per plans.

- Strong analytical and problem-solving abilities.

- Experience in interacting with clients across geographies.

- Knowledge and understanding of Infosec standards like ISO 27001 and PCI DSS, with experience in at least ISO 27001 implementation, auditing and certification.

- Sufficient understanding of Cloud Security framework across multiple service providers like AWS, Azure & GCP.

- Understanding of Enterprise Information Security risks and processes and technology risk management.

- Business Acumen - Ability to command the respect of not only peers, but also business management. Strong understanding of business requirements and processes as they relate to enterprise security architecture.