Job
Description
About IRIS Software IRIS Software Inc. is a professional software services organization that delivers high quality and cost effective solutions to businesses globally. Our customers include Fortune 100 businesses and mid-sized firms across Financial Services, Life Sciences, Logistics & Distribution and High-Tech industries. We leverage best-of-breed technologies and flexible engagement models to deliver value for our customers’ businesses. We are a high growth setup with 4000+ people based out of our offices in India, US and Canada. We are strategic partners to over 25 of the Fortune 100 companies and our consistent strive to achieve the highest levels of customer satisfaction has translated into long-standing relationships and a preferred-partner status with many of our customers. Over the years, more than 90% of our customers have chosen to engage with us for repeat business. IRIS is a quality and security focused organization. We have been appraised at Level 5 of the CMMI Institute’s Capability Maturity Model (CMMI®) and have been certified to ISO 9001:2015. Our Information Security Management framework is aligned and certified to ISO 27001:2013 and SOC2 Type II. For more details visit us at www.irissoftware.com Primary Responsibilities: Create, implement, and maintain an enterprise cybersecurity strategy and IT risk management program by implementing technology, policy, and process-based solutions. Implement and manage Security Operations Center (SOC), while driving the effective implementation of various security technology solutions in multi-tenant environment and conglomerate setup. Drive or perform periodic threat modeling, identify risks/ threat vectors, and implement effective solutions for threat monitoring, risk mitigation and management. Design and develop required operating procedures, building teams and responsible for services deliveries for global customers, while ensuring service stability and service continuity. Design, create, implement, and maintain information security and other relevant policies, procedures, and documentation to ensure applicable compliances (including international standards, applicable laws/regulations, and industry best practices). Understand and interact with related committees to ensure the consistent application of security policies and standards across all security technology projects, solutions, and services. Effectively managing security events/incidents, service-changes, service-requests and providing solutions for identified service problems while collaborating with other service and operational teams. Service and customer-oriented communication with our customer’s end-users. Ensure compliance to SLA, process adherence and process improvements to achieve operational objectives. Ensure on-time daily, weekly, monthly and quarterly meetings / reviews with teams including vendors and management stakeholders, as may be necessary for managing security operations. Creation of reports and dashboards for security operations and presentation to senior management and customers. Act as a mentor for team to provide technical assistance and periodically plan for team’s trainings as a part of team’s technical skill enhancement program. Management, administration & maintenance of security devices and applications under the purview of SOC and related security services. Support activities relating to contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties. Ensure effective project management for the security projects, as per organizational management systems and best practices. Research on newer technologies to identify relevant tools, techniques, methods for service improvements, and present to stakeholders and management for approval and drive implementations. Ensure active contribution and financial management of security budgets, manpower, costing, billings, etc. Co-ordination with internal and external stakeholders like team members, internal functions or service teams, external vendors including OEMs, management, and customers, etc. to build and maintain positive working relationships with them. Project coordination experience using Wrike or similar tools (Asana, Monday.com, etc.). Strong analytical mindset with attention to detail and ability to interpret complex datasets. Excellent communication and collaboration skills. Qualification and Technical Skills / Certifications: • Bachelor’s degree with minimum of 15 years of experience in a combination of IT security and various IT jobs. • Technical experience in driving the implementation of various security technologies (SIEM, SOAR, EDR, vulnerability management, network security, identity protection, etc.) and managing security operations. • Proficient in designing and implementation of information security policies, processes and preparation of reports/dashboards while translating security concerns into business context enabling decision making process. • Experience in preparing and presenting the status of cyber/information security program/projects to management on regular basis. • Knowledge of various information security management frameworks such as ISO/IEC 27001, and regulations like GDPR, etc. • A skilled collaborator with experience in managing relationships with internal functions/service groups and external partners. • Strong problem solving and troubleshooting skills including the ability to perform root cause analysis for preventative investigation. • Excellent verbal and written communication skills. • Excellent project management and leadership skills. • Self-motivated and possessing a high sense of urgency and integrity. • Ability to manage multiple competing priorities under pressure and demonstrates the ability to adapt to ever-changing schedules and work assignments including emergency travel and manage work hours.
