Head - Cybersecurity Operations - IT

Description:

Roles and Responsibilities

Strategic Roles and Responsibilities

- Partner with the CISO and Cyber Security COEs to assess execution of security policies and validation of necessary controls in line with defined systems and processes at the Group/Business/Site levels

- Oversee development and implementation of predictive intelligent metrics, reporting and advanced analytics capability for enhanced insights into asset protection, risk mitigation and business process enhancement to aid strategic decision making

- Own security incident preparedness, mitigation, response and recovery plans

- Ensure cyber security incident response plans and activities follow applicable laws, regulations and compliance requirements

- Actively review and approve project plans to ensure compliance with security requirements with active inputs from key Cyber Security COE teams

- Ensure provision of inputs to other Cyber Security COEs to review and refine processes basis on-ground feedback and observations

- Partner with internal and external stakeholders to achieve broader cyber security situational awareness

Incident Prevention

- Identify major external attacks, third-party risks, potential exposure and other vulnerabilities within the IT environment, test resilience

- Review security related issues through periodic meetings with CIOs to understand issues and provide resolution for the same

- Drive continuous deployment of proactive threat management measures across group and businesses to prevent incidents and support a culture of security across all IT and OT projects and assets

- Establish a process to monitor the enterprise for anomalies based on attack patterns.

Incident Management

- Respond to cyber events, manage and lead effective resolution of security incidents and breaches basis group incident response and recovery plan guidelines

- Collaborate with key stakeholders according to response plans, drive education of team personnel on their roles and order of operations

- Mitigate and document newly identified vulnerabilities as accepted risks

- Institutionalize monthly reporting of cybersecurity quality and cyber-attacks & incidents as well as a culture of reporting events with established criteria

Investigations

- Lead forensic investigations on suspicious events to arrive at inputs to support incident prevention and management

- Investigate notifications from detection systems, perform forensics, understand impact of the incident, and categorize incidents consistently with response plans

- Incorporate lessons learned from past incidents into response planning to update response strategies

Other Operational Responsibilities

- Maintain tools and techniques to ensure monitoring systems and technology is functioning properly and maintained

- Establish a process to collect and analyse business and security operations data over a period of time to develop and identify patterns

- Provide monthly incident summary and service health review reporting for executive stakeholders

- Use problem management to drive continuous improvement in incident processes and identify/share best practices across the incident response community

People Management

- Attract, develop, retain talent and improving productivity, efficiency, and effectiveness of the team and / or business.

- Drive a performance driven culture - set goals, review performance, and provide feedback to ensure a motivated and committed team

- Foster an environment of learning, excellence, and innovation within the team and across teams

Qualifications

Educational qualifications:

- Bachelor's degree relevant to Information Technology, Computer Science/Engineering (or equivalent)

- Advanced educational qualifications, such as an MBA in Cyber Security/ Information Systems or a related field.

- Additional certifications in Cybersecurity Like CISSP/ CISM

- Advanced Excel skills (Pivots, dimensional modelling, linking to external data sources)

- Process improvement, project management, ISO, six sigma certifications are preferred

Experience:

- Minimum 20-25 years' experience in driving large, complex Cybersecurity Operations

- Process and program improvement experience including measurement of value and benefits achieved

- Strong ability to operate successfully in ambiguous situations

- Track record of excellence in incident/crisis management at a global, national or unit level

- Ability to develop, and maintain security related processes, procedures, program baselines, training, and improvement plans

- Experience operating and making decisions to remain compliant with legal, regulatory, and cultural norms

- Strong work and compliance ethic, and the ability to effectively prioritize and execute tasks in a dynamic and high-pressure environment.

- Ability to change plans, goals, actions, and priorities in response to an evolving business environment with awareness to operate as a champion for course corrections when necessary