Job Description

ROLE AND RESPONSIBILITIES Develop, implement, and manage strategic, comprehensive enterprise information security and IT risk management program. Make a risk assessment of company systems, networks, and data to prevent it from being accessed (viewed by unauthorized personnel, data corrupted, or data lost) Define Risk Management framework and implement across the enterprise business functions. Security assessment, validation & clearance of developed /acquired applications for production launch. Assist with the overall business technology planning, providing a current knowledge and future vision of technology, cloud security and systems aligned to security framework. Managing the daily operation and conducting continuous assessment of current IT security practices and systems and identifying areas for improvement. Implement and maintain compliance of security requirements for new products/services. Devising strategies, solutions and implementing security solutions and minimizing the risk of cyber-attacks. Lead Implementation of security products and solution across organization Implement and comply with best Industrial standards on Security, IT Acts/ISO and other IT statutory requirements. Determines security violations and inefficiencies by conducting periodic audits. Conduct Investigations and forensics for any breaches dealing with those responsible and planning to avoid repeats of the same crisis. Lead the various internal and external IT/Security audits and ensure all compliances are met. Lead various Internal, External IT and security audits. Ensure compliances are met. Preparing Cybersecurity roadmap and assisting for all Cybersecurity compliances requirement. QUALIFICATIONS AND EDUCATION REQUIREMENT Bachelors degree in IT, Computer Science, or a related field. Good to have relevant industry certifications such as CISA, CISM, CISSP, ISO 27001, and others (as relevant) At least 8+ years of working experience in domains related to Information security and with a very strong security mindset. Experience in area of IT Security, IT Audits, Compliance and Risk Management in IT/FMCG Industry Excellent Knowledge of Cyber Security, risks, threats in infrastructure, network, Cloud, Application and Data Centre Technologies Experience of various security solutions such as Firewall / IDS/ IPS / NAC / Email Security/CASB / EDR / WAF / AV / DLP / ATP / PIM / PAM / DAM / SIEM etc. Good understanding of Security technologies for private and public cloud Thorough Knowledge of IT and Security processes implementation and compliances Knowledge of information and network security principles, with a major focus on information, network & application security risks and impact. Good understanding of security frameworks, standards such as ITCG Control, ISO 27001, NIST, CIS etc.