Ciso- Chief Information Security Officer - Ahmedabad, India - Talent Leads HR Solutions
Description
Opening: 1 Nos.- Job ID: 61890
- Employment Type: Full Time
- Reference:
- CTC Salary: 70.00 LPA TO 90.00 LPA
- Function: IT Software
- Network Administration / Security
- Industry: IT-Software/Software Services
- Qualification: B.Tech/B.E.
- Computers; MBA/PGDM/MPM
- Information Technology
- Location:
- Ahmedabad
Responsibilities
Operational:
- Understanding business processes and assessing the criticality of the technological solutions being used to carry out business functions.
- Review business Level processes and new initiatives for Cyber security requirements and help in incorporating industry best practices.
- Continuously monitor and assess execution of security policy and validate necessary controls are in place.
- Support security governance processes and serve as cyber security interface to the business.
- Enable User education/ awareness on Cyber Policy and its enforcement.
- Identify, report service level attainment results, and highlight improvement opportunities.
- Drive continuous process improvements for Cyber operations and benchmark them with industry standards
Project Management
- Design and implement BU level Cyber security projects as per the business requirements.
- Lead and manage projects that drive execution of security policy and validation of necessary controls.
Risk Management & Compliance
- Oversee deployment of strategic interventions to mitigate risks and address vulnerabilities.
- Forefront initiatives to monitor and drive adherence of Cyber operations to protocols, legal and regulatory compliances at group and business level.
- Build security reporting dashboards for capturing risk status of different systems.
- Revisit operations policies/ frameworks in accordance to changing business, technology landscape and regulatory environment.
Security Audit
- Plan and implement the internal audit of IT, OT, and business processes across the organization in collaboration with the Group and Business Audit and assurance counterparts.
- Ensure testing and evaluation of system controls, policies, and procedures as required.
- Empanel audit agencies for security audit and ensure audits are conducted as defined and colead interface with auditors.
- Monitor and track all security controls for potential issues, perform verification assessment of controls and determine and update necessary controls to ensure documentation in enterprise security plan.
- Identify and maintain a repository of leading security practices and standards used. Report on the implementation of leading practices and standards and map them to controls and metrics.
Vendor-Partner Management and Engagement
- Track partner performance to ensure project delivery basis expected quality, timelines and budgetary considerations, and address nonperformance; Conduct regular partner performance reviews based on project criticality.
- Manage escalations related to partner (non)performance, scoping issues, partner payouts.
- Cultivate strategic relationships with partners and effectively leverage them for value additions.
- Engage with partners on a frequent basis for a winwin relationship; Facilitate organization of capability road shows/ POCs by partners to increase partner engagement with the organization
People Management
- Working with Cyber, IT and OT teams
- Communication with sites.
- Coordination with other departments and functions
- Coordination with other organizations
- Dealing with service providers.
KRAs with Outcomes (Jobs which brings value to the organization)
Domain
KRA (Key Result Ares)
KPI (Key Performance Indicator)
Minimizing Business Impact
Minimizing Business impact due to Cybersecurity issues.
- Business Loss due to Cybersecurity issues. (% of EBITDA)
Review of Service requests and New Projects w.r.t Cybersecurity
- Requests reviewed within SLA (%).
- Projects reviewed within SLA (%).
Compliance to Legal and Regulatory guidelines related to Cybersecurity
- Compliance to Legal and Regulatory guidelines. (% compliance against total requirements)
- Timely communication and coordination with the regulatory agencies (%).
Ensuring security controls are effective for endpoints, servers, and network.
- Ensuring Coverage of endpoint security agents (%)
- Ensuring Coverage of Server security agents (%)
- Ensuring policy review and other effectiveness measures of network security (%)
Closure of Identified vulnerabilities
- % Of Vulnerabilities closed as per policy requirement.
Cybersecurity Awareness
To facilitate and nurture deep-rooted cybersecurity culture.
- To develop relevant processes and systems, and behavioral training to employees to sustain cybersecurity consciousness and culture in the businesses.
Establish and manage governance in cyber security function
- Governance MI
More jobs from Talent Leads HR Solutions
-
Revenue Assurance Associate at Mumbai
Mumbai, India - 2 weeks ago
-
Talent Acquisition Partner
Ahmedabad, India - 3 weeks ago
-
Sales Coordinator
Mumbai, Maharashtra, India - 1 day ago
-
Area Sales Incharge for a Broadband
Mumbai, India - 3 weeks ago
-
Demand Planner
Gurgaon, India - 2 weeks ago
-
Executive
Rajpura, India - 5 days ago