IT - Executive

Job Description

Role Name/ Designation : Executive Role Purpose : To drive ISMS implementation across group. Safeguarding organization's sensitive data and systems from various threats. Key Responsibilities : Develop and Implement Security Policies and Procedures: Create comprehensive security policies that align with industry standards and regulatory requirements. Develop and implement standard operating procedures (SOPs) to guide employees on secure practices. Ensure that policies and procedures are regularly reviewed and updated. Risk Assessment and Management: Conduct regular risk assessments to identify potential threats and vulnerabilities. Prioritize risks based on their likelihood and impact. Develop and implement risk mitigation strategies to reduce the organization's exposure to threats. Incident Response Management: Establish incident response plans to handle security breaches effectively. Coordinate incident response teams and ensure timely containment of threats. Conduct post-incident analysis to identify root causes and prevent future occurrences. Access Control and Privileges: Implement strong access controls to restrict access to sensitive information and systems. Regularly review and update user privileges to ensure they align with their job responsibilities. Enforce least privilege principles to minimize the potential for unauthorized access. Data Privacy and Compliance: Ensure compliance with data privacy regulations (e.g., GDPR, CCPA). Implement data protection measures to safeguard personal information. Conduct regular data privacy audits to identify and address non-compliance issues. Security Awareness and Training: Develop and deliver security awareness training programs to educate employees about security best practices. Promote a security-conscious culture within the organization. Technology Evaluation and Deployment: Evaluate and select security technologies (e.g., firewalls, intrusion detection systems, encryption) to protect the organization's assets. Ensure that security technologies are properly deployed and maintained. Vendor and Third-Party Risk Management: Assess the security practices of vendors and third-party service providers. Require vendors to adhere to the organization's security standards. Continuous Improvement: Monitor and evaluate the effectiveness of security measures. Identify areas for improvement and implement necessary changes. Reporting and Communication: Provide regular security reports to management and stakeholders. Communicate security incidents and recommendations effectively. . Competencies Functional Competencies :Hands on VAPT tools and remediation, CCNA Certified, Firewall management Generic Competencies: Very strong on UTM, IDS, IPS, Networking and Security tools Academics and Experience : Qualification: BTech / B.E. MBA PreferredWork Experience : At least 4 year as Information security engineer