Director - DATA Security Options - IT

Responsibilities :

- Lead the Data Security Operations track end to end

- Take complete ownership of Design, build, Implement Data Security controls and manage Data Security Operations including DLP operations, Design & Engineering of DLP such as Email DLP, Endpoint DLP, CASB DLP, Data Classification solutions, Data Discovery, Data encryption and tokenization, Data protection.

- Design DLP Standards, Policies, Frameworks as per Industry best practices and organization requirements

- Align standards, frameworks and security with overall business and technology strategy

- Identify and communicate current and emerging security threats

- Design data security architecture elements to mitigate threats as they emerge

- Create solutions that balance business requirements with information and cybersecurity requirements Identify security design gaps in existing and proposed architectures and recommend changes or enhancements

- Use current programming language and technologies to writes code, complete programming and performs testing and debugging of applications

- Train users in DLP Implementation and operations

- Manage Automation of DLP process by integrating with AI/ML process, SOAR solutions.

- Manage Integration with Service Now

- Manage Data Security Audits

- Define measurements and controls required to ensure that the procedures attain process objectives and goals. This includes compliance requirements from legislation or other adopted compliance frameworks.

- Define reports required to monitor the health of the process, show attainment of objectives, and communicate process execution as it related to service levels.

- Define Evaluate Performance schedule. Surface additional tool requirements. Validate that procedures capture the required data to satisfy reporting needs. Define process meetings

- Ensure zero backlogs and minimal ageing incidents

- Ensure adherence to SLA- s

Skills :

Technical Skills :

- Knowledge of the following technical skills should prove useful

- Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies

- Technical understanding and hands on experience in DLP and CASB tools and tech such as, Forcepoint, Mcafee, Symantec, Microsoft, Email DLP solutions, Data Encryption and Data Governance solutions

- ISO 27001/27002, ITIL and COBIT frameworks Windows, UNIX and Linux operating systems Perimeter security controls - firewall, IDS/IPS, network access control and network segmentation Router, switch and VLAN security; wireless security concepts related to DNS, routing, Sensitivity: Internal & Restricted authentication, VPN, proxy services and DDOS mitigation technologies Practices and methods of IT strategy, enterprise architecture and security architecture

- Network security architecture development and definition Knowledge of third-party auditing and cloud risk assessment methodologies

- Service Now Integration

- AIP/MIP Classification

- DRM Solutions integration

Leadership Skills :

- People Management skills

- Should be able to lead and manage team size of 50+ data security professionals

- Should guide and mentor the data security operations team to ensure high performance team.

- Should be able to manage global stakeholders

- Present state of data security operations to the top management regularly as and when required

- Report and publish daily, weekly, and monthly reports to various stakeholders, accounts, and entities globally and within CISO office.

- Should have excellent communication skills and lead from the front with minimal guidance

- Work closely with BISO office for account specific Data security incidents remediation

- Work closely with cyber investigations team in getting the data security incidents investigated and closed

Preferred Qualifications:

- Undergraduate or master's or Post Graduate Degree from a reputed institute

- 16-20 years of demonstrated cybersecurity experience

- Minimum 10-15 years of data security and leadership experience a must

- Education/Certifications: CISSP, CISM, CISA, CEH, IAAP certifications such as CIPT, CCSK, CCSP,

- AWS & Azure certifications a plus

- Exposure to security standards NIST Cyber Security Framework, NIST SP800-53, COBIT, ISO27001 and regulatory requirements of GDPR compliance, DPIA for DLP and information protection perspective

- Hands on experience and expertise in Data Leakage Prevention solutions - Endpoint DLP, Email DLP, Network DLP, CASB-DLP for cloud- AWS, Azure, GCP Cloud, Oracle Cloud

- Hands on experience in CASB -DLP configuration and integrations with Salesforce, GitHub, Google suite, Office 365, Service Now

- Good understanding of Cyber Kill Chain process, MITRE Attack framework and various types of cyberattacks and incident response to the cyber-attacks such as Ransomware attacks, DDOS attacks, Applications security attacks, Cloud cyber-attacks, API security cyber attacks