Information Security Officer

Job Description

Job title                                :               Information Security officer / Manager (ISM)

Team                                     :               Information Technology

Experience                         :               8+ years

Band                                     :               G4/G5

Reporting to                       :               Head of IT

Location                               :               Pune (Marvel)

Scope :

The person appointed will be part of the Information Security Team and responsible for defining and embedding best practice information security policies, standards and processes based on ISO 27001, and other Cyber Security Framework.

Reporting to the Head of Information Technology, this role will principally advise and enable technical teams to make security decisions and provide advice and guidance, ensuring the effective use of common tools and patterns.

Have a proactive responsibility to assist in the delivery of secure systems and implement proportionate controls by working with Product, Change, Risk, IT teams and 3rd party vendors.

Main duties:

·         Develop a complete set of corporate Information Security policies and standards and continually monitoring the information security controls, KRIs/KPIs and technical landscape.

·         Implement effective and appropriate GRC controls and measures to protect systems and data.

·         Implement ISO 27001 framework and Information Security Management System (ISMS).

·         Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable.

·         Evaluates potential security breaches, coordinates response, and recommend corrective actions.

·         Monitoring and reporting on compliance with security and data protection policies, as well as the enforcement of policies.

·         Working knowledge of Security Architecture and potential security issues related to them PaaS, IaaS, SaaS and understanding of IAM, and Data Loss Prevention.

·         Knowledge of security technologies such as IDS/IPS, vulnerability testing and Firewalls.

·         Responsible for evaluating new security solutions, perform POC of new solutions along with other IT teams.

·         Specialized in a number of Security domains such as incident response, operational assessment of security posture, general security management.

·         Support audits by timely response, escalation management, gap analysis, mitigation etc.

·         Drive education and awareness activities across platform and Enterprise IT.

Key competencies/behaviours

·         Proactive; Influencer; Collaborative.

·         Ability to prioritise effectively.

·         Ability to adapt to new technologies and learn quickly. 

Mahesh Wabale
Latest posts by Mahesh Wabale (see all)

Leave a Comment