Description:
Roles and Responsibilities
Strategic Roles and Responsibilities
- Partner with the CISO and Cyber Security COEs to assess execution of security policies and validation of necessary controls in line with defined systems and processes at the Group/Business/Site levels
- Oversee development and implementation of predictive intelligent metrics, reporting and advanced analytics capability for enhanced insights into asset protection, risk mitigation and business process enhancement to aid strategic decision making
- Own security incident preparedness, mitigation, response and recovery plans
- Ensure cyber security incident response plans and activities follow applicable laws, regulations and compliance requirements
- Actively review and approve project plans to ensure compliance with security requirements with active inputs from key Cyber Security COE teams
- Ensure provision of inputs to other Cyber Security COEs to review and refine processes based on on-ground feedback and observations
- Partner with internal and external stakeholders to achieve broader cyber security situational awareness
Incident Prevention
- Identify major external attacks, third-party risks, potential exposure and other vulnerabilities within the IT environment, and test resilience
- Review security related issues through periodic meetings with CIOs to understand issues and provide resolution for the same
- Drive continuous deployment of proactive threat management measures across group and businesses to prevent incidents and support a culture of security across all IT and OT projects and assets
- Establish a process to monitor the enterprise for anomalies based on attack patterns.
Incident Management
- Respond to cyber events, manage and lead effective resolution of security incidents and breaches based on group incident response and recovery plan guidelines
- Collaborate with key stakeholders according to response plans, drive education of team personnel on their roles and order of operations
- Mitigate and document newly identified vulnerabilities as accepted risks
- Institutionalize monthly reporting of cybersecurity quality and cyber-attacks & incidents as well as a culture of reporting events with established criteria
Investigations
- Lead forensic investigations on suspicious events to arrive at inputs to support incident prevention and management
- Investigate notifications from detection systems, perform forensics, understand impact of the incident, and categorize incidents consistently with response plans
- Incorporate lessons learned from past incidents into response planning to update response strategies
Other Operational Responsibilities
- Maintain tools and techniques to ensure monitoring systems and technology are functioning properly and maintained
- Establish a process to collect and analyse business and security operations data over a period of time to develop and identify patterns
- Provide monthly incident summary and service health review reporting for executive stakeholders
- Use problem management to drive continuous improvement in incident processes and identify/share best practices across the incident response community
People Management
- Attract, develop and retain talent, and improve productivity, efficiency, and effectiveness of the team and/or business
- Drive a performance driven culture - set goals, review performance, and provide feedback to ensure a motivated and committed team
- Foster an environment of learning, excellence, and innovation within the team and across teams
Qualifications
Educational qualifications:
- Bachelor's degree relevant to Information Technology, Computer Science/Engineering (or equivalent)
- Advanced educational qualifications, such as an MBA in Cyber Security/Information Systems or a related field
- Additional certifications in cybersecurity, like CISSP/CISM
- Advanced Excel skills (Pivots, dimensional modelling, linking to external data sources)
- Process improvement, project management, ISO, six sigma certifications are preferred
Experience:
- Minimum 20-25 years' experience in driving large, complex Cybersecurity Operations
- Process and program improvement experience including measurement of value and benefits achieved
- Strong ability to operate successfully in ambiguous situations
- Track record of excellence in incident/crisis management at a global, national or unit level
- Ability to develop, and maintain security related processes, procedures, program baselines, training, and improvement plans
- Experience operating and making decisions to remain compliant with legal, regulatory, and cultural norms
- Strong work and compliance ethic, and the ability to effectively prioritize and execute tasks in a dynamic and high-pressure environment.
- Ability to change plans, goals, actions, and priorities in response to an evolving business environment with awareness to operate as a champion for course corrections when necessary