Chief Information & Security Officer - Steel/Energy/Power/Manufacturing Industry

Desired Qualification and experience :

- Bachelor's or Master's degree in Information Technology, Computer Science, Software Engineering or any other related engineering discipline or equivalent education and experience.

- 15+ Years of Experience in IT and at least 5+ years of managing Information Security practice for a large organization including IT governance. Professional certifications preferred (CISSP, CISM, CISA, CCSP etc.)

Industry Type Exposure :

Core Skill: IT Applications & Services / Industrial Software Products & Solutions Provider

Preferred Industry vertical : Steel / Energy or Power / Manufacturing

Roles & Responsibilities :

The position assumes the role of CISO (Chief Information and Security Officer) and reports to Group Chief Digital Officer

Technical Must Requirement :

- Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) Certification.

- Knowledge of Information technology infrastructure library (ITIL) / (certification preferred) and/or NIST framework with respect to security administration and information technology governance in a multi- platform environment.

- Provides the direction for company's data and cybersecurity protection and oversee Technology governance

- Develops, maintains and publishes up-to-date security policies, standards and guidelines.

- Design and develop IS architecture and IS service landscape. Develop process and governance mechanism for continuous improvements of IS process maturity across all IS activities within the department. Establish cadences on reporting of information security metrics

- Evaluates new cybersecurity threats and IT trends and develops effective security controls. Oversees development of security awareness programs.

Need Requirement :

- Cloud hosted IaaS, PaaS and SaaS Security best practices

- Develops and oversees effective disaster recovery policies and standards to align with company business continuity management program goals. Development of implementation plans and procedures to ensure business critical services are recovered in the event of disasters or other incidents, and provides direction, support and in-house consulting in these areas.

Behavioral Requirement :

- Result and outcome driven.

- Data driven decision making.

- Demonstrated management skills, e.g., budget development and administration, policy development and implementation, personnel administration, team management, staff training and development

- Proactively manage and monitor different aspects of the program i.e. analyze, design, implementation, change management and sustainability.

- Advice and review working with all stakeholders (e.g., IT Operations team, Solution & Technical Architects, Application development team and 3rd Party IS Suppliers) regarding secure way to implement their business and technical requirements, and in accordance with GF-IS Risk and Security policies and standards.

- Manage team of junior business / function and IS teams to validate new insights from various data and bring business-digital lens

- Help debottleneck issues on the ground by participating in change management, serve as point of escalation