Manager - Cyber Security

Job Purpose

• Responsible for implementing and maintaining the enterprise vision, strategy, policy and program to ensure regional information assets are adequately protected.
• Serve as the process owner of all ongoing regional activities related to the confidentiality, integrity and availability of information and resources of customers, business partners, employees and business information, in compliance with the Groups information security policies
• The scope of responsibility will encompass communications, applications, and infrastructure, including the enforcement of the policies and procedures which apply
  

Required Experience And Knowledge

• Master's degree in computer science, IT Security or related field.
• 7+ years technical experience in IT Security.
• Technical knowledge of and 5-7 years hands-on experience with different types of networking, applications, SAAS and operating systems
• 5-7 years experience in implementing security solutions on an enterprise scale.
• One or more of the following professional certifications: ISO 27001, GDPR (Good to have)
• Scripting skills (PowerShell, Perl, python)
• Good communication skills
• Able to think outside the box: find unexpected ways to solve problems or meet requirements
• Excellent professional demeanor
• Good to have:
  

Leadership Competency Focus (see Competencies On Next Page)

• Drive Customer Centricity
• Network & Influence
  

Key Responsibilities

• Coordinate information security projects with resources from the IT organization and business units
• Implement the Group security and privacy policies, controls, and cyber incident response procedures in Ashirvad
• Work with team to ensure that disaster recovery and business continuity plans are in place and tested.
• Conduct annual Organisational cyber drill and VAPT
• Responsible for conducting cyber awareness program for Ashirvad
• Investigate and coordinate resolution and recovery actions for assigned Incidents, compliant with best practices and legal requirements.
• Analyse the incident situations, determine the breadth of the compromise, and take corrective action.
• Responsible for resolution of assigned Incidents.
• Support the prompt recovery of the system, supervising and directing the internal or external parties.
• Keeping affected business partners informed about progress of incident resolution.
• Conduct post-incident exposure assessments to identify sources of exposure and identify actions to close security gap.
• Report appropriate metrics with regards to Information Security to Group Security and regional managements.
• Responsible for educating local IT of incident response aligned with legal requirements
• Conduct periodic security reviews and propose actionable plans to protect the business.
• Maintain a current understanding of the Cyber threat landscape.
• Other duties as assigned