Director/Practice Lead - Information/Cyber Security - Bank

Director/Practice Lead - Information/Cyber Security 

We looking for an Practice Lead - Information Security to join its Technology Development Center in Pune, India.

PRINCIPAL RESPONSIBILITIES : 

- Plan and carry out the organization's Information Security strategy. Develop a set of security standards and best practices for bank's and ensure security enhancements are executed as required. Develop strategies to respond to and recover from a security breach. Educating staff on information security through training and building awareness.

- Ensure operations of firewalls and data encryption programs, to protect bank's sensitive information. Lead the design of security products and installation procedures.

- Monitor bank's networks and systems for security breaches or intrusions. Strategize installation of software that helps to notify intrusions, and watch out for irregular system behaviour. Ensure periodic scans of networks to find any vulnerability.

- Investigate Security Breaches: If a breach has occurred, lead incident response activities to minimize the impact. Lead a technical and forensic investigation into how the breach happened and the extent of the damage. Prepare reports of their findings to be reported to management.

- Design, implement, test and maintain enterprise class security systems and services to mitigate current and emerging threats

- Provide specialist support as a Subject Matter Expert in all areas of IT Security including alignment of standards, frameworks and security with overall business and technology strategies

- Identify and drive improvements on security assessments and internal investigation capabilities through improved technologies, processes and practices

- Define cloud security architectures and internal systems designs with appropriate controls and monitoring capabilities through centrally managed monitoring and response services

- Manage Ethical Hacking engagements through specialist third parties to define scope, manage daily debriefings, deliverables and defined corrective action plans

- Provide timely and accurate InfoSec, ISMS related reporting (monthly, quarterly and ad-hoc) for key stakeholders

SKILL / EXPERIENCE : 

- Engineering / Post Graduate in Computer Science / IT (Networking) with 18 + Years of experience in Information Security Management / Cyber Security

- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams

- Experience with contract and vendor negotiations and management including managed services.

- Specific experience in Agile (scaled) software development or other best in class development practices.

- High level of experience maintaining security of the infrastructure, services and capabilities including cloud, firewall, switch routers, application network architectures with VPN and MPLS

- Experience in IT general security controls compliance experience including requirements traceability, change management governance, evidence gathering, self-audits, auditing and monitoring tools

- Experience in threat management, vulnerability Assessment /Penetration Testing Tools

- Certification in IT Security viz CEH / CLPTP / CISSP / CISM preferred