Job
Description
Divisional Information Security Officer (DISO) Location- Bangalore 5Days work form office Interview mode- MS teams Required immediate joiners max 15 to 30 days Notice period. Job Context Cybersecurity is now foundational for businesses to deliver on digital agenda as well as achieve committed objectives & outcomes. The divisional DISO role is created to lead the information security function across the division to ensure consistent and high-quality information security management in support of the division’s business goals. Responsibilities The divisional DISO is responsible for developing and implementing the division’s information security program with consultation from the central DISO organization. It involves, while enabling business to achieve their goals, identify, evaluate and mitigate risks to digital assets, intellectual properties, regulated data and reputation while ensuring statutory compliance. The divisional DISO leads with sound knowledge of cybersecurity technologies covering data centres, cloud, endpoint, network, applications and emerging technologies such as AI, ML, IoT, etc. as well as broader digital ecosystem. The person should be an integrator of people, process and technology within and from the ecosystem. DISO works proactively and assures not only confidentiality, integrity, and availability but also to the safety, privacy and recovery of information assets owned or processed by the business units and ecosystem partners. The divisional DISO articulates the impact of cybersecurity on digital business, and be able to communicate this to the business stakeholders, along with progress of security program & value to the business from time to time. Tasks Develop a comprehensive security program for the division Develop the information security vision and strategy for the division that is aligned to division’s business priorities and enables and facilitates the business objectives, and ensures senior stakeholder buy-in and mandate. Implement, and monitor Information Management (IM) policy across division. Implement and monitor Incident response plan and procedures as laid down by the CISO organization Monitor, track and drive cybersecurity awareness programs for the division Operate the security function Plan and manage the cybersecurity budget for the division Align with CISO organization for integrated coordination in risk management Drive cybersecurity projects within the division Innovate and proactively refresh policies and program to meet emerging needs Continuously evaluate cybersecurity needs, compliance, changes in security posture resulting from change in IT infrastructure, architecture, emerging threats, laws, standards, regulations and technologies. Build relationship with external ecosystem partners, service providers, industry peers, vendors to ensure that the division maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies. Work with divisions and extended IT leaders, member of the IT strategy committee, business leaders, non-IT functions, thus ensuring that the information security requirements are implicit in these architectures and security is built in the design. Establish governance and oversight of security program Facilitate operational oversight of security operations governance through the division’s cybersecurity committee. Provide periodic metrics-based progress report and develop appropriate KPIs to reflect improvements in value/performance/efficiency/compliance etc. Requirements Experience Demonstrated experience and success in middle management roles in risk management, information security, compliance, and cybersecurity in dynamic environment. Hands on experience in network, system, application, perimeter, endpoint, cloud and data centre security management, and security operations. Managing vulnerability using tools like Nessus, Qualys guard etc. Working in ISO27K environment, report preparing, leading internal and external security audits Knowledge of ISO 27K, ISO20K, GDPR, COBIT, NIST, CSF frameworks/standards Skills Ability to communicate effectively across the reporting chain, external and internal customers, leadership, peers etc. Excellent written and verbal communications skills, collaborative skills and effectively communicating technical stuffs to non-technical audience. Reasonably good analytical skills, ability to manage complex projects, under strict timelines as well as ability to work well in demanding, dynamic environment and meet overall objectives. Project management skills, financial/budgeting management, resource and schedule management Relevant industry certification on cybersecurity is desirable Personal Characteristics Poise and ability to act calmly and competently in high-pressure, high-stress situations. Strong problem solving and trouble-shooting skills. High level of personal integrity and maturity, as well as the ability to handle confidential matters. Show more Show less
