'%3e%3cpath d='M15.3069 13.1535H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 8.15347H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 3.30693H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3c/g%3e%3cdefs%3e%3cclipPath id='clip0_126_10407'%3e%3crect width='16' height='16' fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
Director - IT Security Operations - FMCG
BangaloreIT security Operation Director
Responsibilities :
- The CSIRT Director will develop, maintain or support an intelligence capability to identify current and emerging IT security risks to the organization.
The CSIRT Director will :
- Act as a liaison between industry peers, government agencies (including law enforcement) and other specialists.
- Utilize commercial intelligence providers to gain insight into existing activities in the hacker and fraudster communities, as well as planned activities and emerging motivations.
- Coordinate with the security operations center, provided internally or by an external managed security services provider, to identify and assess IT security incidents.
- Advise the security advisory board of significant emerging threats, and recommend tactical steps to counteract these threats.
The CSIRT Director will exercise or support the preparedness of various parts of the organization to respond to IT security incidents via the following activities :
- In consultation with the crisis management team, develop and deliver desktop preparedness exercises at the executive committee level, at least annually.
- Participate in industry exercises.
IT Security Incident Management :
Leading the organization's response to IT security incidents, the CSIRT Director will perform the following tasks :
- Develop and maintain the IT security incident response process, including all required supporting materials.
- Develop functional requirements for roles that will be involved in the CSIRT program.
- Work with business units, IT functions and external providers to ensure that the process is mutually understood and agreed on, and that responsibilities are clear and accepted.
- Act as a liaison throughout the entire organization (including enterprise IT services, lines of business, public relations, legal counsel and customer call centers).
- Initiate the IT security incident response process, and execute decision authority to the extent of the role within that process.
- Ensure execution of the incident response process to the resolution of the incident.
- Ensure generation, maintenance and protection of required incident records, such as investigator journals.
- Organize, participate in and, if required, chair post incident reviews for presentation to the senior management.
Support :
- The CSIRT Director will provide specialized security support for other events that fall outside the IT security incident realm, such as fraud attempts based on electronic channels or high-impact outages due to reasons other than security.
Management :
- The CSIRT Director will be responsible for the day-to-day management of the CSIRT, including staffing, budgeting and other relevant management functions.
Operations Support :
- The CISIRT Director will be responsible to maintaining the hardware and software used for the global security platform and all applicable third parties.
Work Arrangements :
- Under normal operating conditions, this role will work to the usual organizational policies and norms of the broader team. However, if the CSIRT Director is notified outside of normal working hours of a potential incident, then the CSIRT Director will be expected to perform the role out of hours to the extent required to protect the organization.
- The CSIRT Director will be expected to ensure that the CSIRT is suitably equipped to operate out of hours and off-site where desirable.
Knowledge and Skills :
The CSIRT Director must have in-depth knowledge of the following :
- Methods and motivations adopted by hackers to attack IT platforms and automated information systems
- IT security incident management processes and tools
- IT operations and support organizations
- IT security risk assessment
- IT security forensic techniques, tools and procedures
Formal education requirements are :
- Bachelor's or master's degree (preferred) in IT, engineering, business, management or a related field, or equivalent work experience
- Tertiary qualifications in information or IT security, or industry qualifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or the equivalent
The CSIRT Director must have these skills :
- Strong communication skills with a proven ability to understand key concepts and communicate with technical staff, lines of business and senior management
- Proven ability to build relationships and influence individuals at all levels in a matrixed environment, as well as external vendors and service providers, to ensure that segregation and overlapping roles are identified and coordinated
- Strong organizational skills and the ability to perform in a command-and-control role under pressure, and the ability to manage multiple priorities with competing demands for resources
- Ability to consume and synthesize intelligence about actors, techniques or situations to identify emerging risk scenarios
- Strong analytical and problem-solving skills
- Proficiency in process formulation and improvement
- Knowledge of IT end-to-end problem management and root cause analysis, which is desirable
- Proficient in working in a fast-paced, complex, dynamic, multicultural business environment
- Knowledge of legal requirements for privacy of personal information from employees and customers
Experience :
The following experience is considered essential experience :
- In-depth experience in security incident management processes and tools
- 10 to 15 years of technology experience, including troubleshooting and performing root cause analysis of complex IT solutions
- Two or more years of demonstrated leadership experience building consensus across IT domains
- Two or more years of demonstrated experience managing a high-performing, cohesive security response team
- Two or more years of demonstrated experience in liaising with middle and senior management of a large commercial enterprise
The following experience is considered desirable but not mandatory :
- Two or more years of experience in working in the consumer products industry
- Experience in working with the Forum of Incident Response and Security Teams (FIRST) or an equivalent organization
- Experience in working with law enforcement or other relevant government agencies
- Two or more years of hands-on IT or information security assessment in a commercial environment subject to the caveat below
- This is a sensitive role. The organization must have a high level of confidence in the integrity and track record of the individual who fills it.
- The CSIRT Director may be required to submit to background checking that is consistent with the high-risk role definition within the organization's staff probity policy and successfully meet the requirements articulated within that policy.
Didn’t find the job appropriate? Report this Job
'%3e %3cpath d='M24 48C37.2548 48 48 37.2548 48 24C48 10.7452 37.2548 0 24 0C10.7452 0 0 10.7452 0 24C0 37.2548 10.7452 48 24 48Z' fill='%23333333' fill-opacity='0.8'/%3e %3cpath fill-rule='evenodd' clip-rule='evenodd' d='M22.5299 19.0115V19.5849V29.0154V31.5316C22.5299 32.3403 23.1967 33 24.004 33C24.8114 33 25.4784 32.3358 25.4784 31.5316V29.0154V19.5849V19.013L29.4885 23.0077C30.0627 23.5795 31.0044 23.5743 31.5733 23.0077C32.1421 22.441 32.1423 21.4975 31.5735 20.9308L30.1054 19.4684C30.0891 19.4504 30.0724 19.4329 30.0551 19.4156L25.0837 14.4634L25.0479 14.4264C24.9234 14.3024 24.7807 14.2055 24.6281 14.1358L24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946C24.0039 13.8983 23.3839 14.0068 22.9622 14.4268L22.9533 14.436L21.4743 15.9093C21.4615 15.9211 21.449 15.933 21.4367 15.9452L16.4286 20.934C15.8598 21.5008 15.8545 22.4389 16.4286 23.0108C17.0027 23.5826 17.9394 23.5827 18.5135 23.0109L20.0019 21.5283C20.0147 21.5164 20.0274 21.5043 20.0399 21.492L22.5299 19.0115ZM24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946L24.5952 14.1212Z' fill='white'/%3e %3c/g%3e %3cdefs%3e %3cclipPath id='clip0_99_1825'%3e %3crect width='48' height='48' fill='white'/%3e %3c/clipPath%3e %3c/defs%3e%3c/svg%3e "Scroll Up"){kind=small}