Lead – Information Security Officer
Experience Required: 15 to 20 years
Role And Responsibilities
- Develop and implement a company-wide information security program.
- Document and disseminate information security policies and procedures across the organization.
- Coordinate the development and implementation of a company-wide information security training and awareness program.
- Coordinate the response to actual or suspected breaches in the confidentiality, integrity or availability of customer data. Act as the single point of contact for customers in case of a security incident.
- Provide responses to security-readiness questionnaires from large enterprise prospects. Be the point of contact for prospective customers' questions on IT / Security.
- Conduct internal security audits and coordinate external security audits, including security pen tests.
- Be the cyber security evangelist in the company to ensure all data – either customer or Netradyne – is secure.
- Collaborate with other functions and ensure best practices are being followed – in SaaS product, DevOps, SaaS, IT systems used by employees, SaaS systems used by other departments like HR and Finance.
- Provide strategic guidance in Cloud and IoT Security Infrastructure and design.
- Lead the analysis, requirement, development, design, documentation, implementation, and maintenance of complex IT solutions in the field of Cyber Security.
Skills and Experience:
- Should have prior experience working with large multi-national / international customers on large scale Security and GRC (Governance, Risk Management and Compliance) projects in a lead position.
- Strong understanding of the underlying principles of security – should be able to converse confidently with customer IT teams on a broad set of topics.
- Should be conversant with all aspects of security – Web Application, Network, Endpoint, IT, DevSecOps, SaaS, Cloud, IoT.
- Good understanding of Cloud Security, including IDS/IPS/WAF, etc.
- Good understanding of standards for SSO.
- Prior experience and/or familiarity with several of the privacy regulations and security frameworks like GDPR, CCPA, NIST, CIS Top 20 and ISO 27001.
- Should be conversant with the latest cryptography standards to be able to recommend the right solutions to customers and internal engineering teams.
- Should keep up with evolving security threats like APT, ransomware, etc.
- Strong communication and interpersonal skills.
- Should be hands-on in all aspects, as required for a fast startup.
Qualifications And Education Requirements
B.Tech in a related field.
Strong preference for candidates with CISSP.
Candidates with the following certifications would have an added advantage:
- Certified Ethical Hacker (CEH)
- AWS Certified Solutions Architect
- ISEB Certified Security Architect
- SABSA (Security Architect) Foundation Certified
- ISO 27001 Certified Lead Implementer