Kshema - Principal - Cyber Security

Security Principal-Cyber Security

At Kshema, we are re-imagining agricultural insurance with the power of Public Cloud, GIS, Remote sensing, and cutting-edge AI-based algorithms to assess, model and price insurance risks for farmers adequately. We are taking the latest advances in Mobile, Geospatial technologies and the web to empower the next generation of agricultural insurance. Would you like to be part of a dynamic team using cutting-edge technology to unlock value for our clients? Then we would love to get to know you!

Functional & Technical Responsibilities:

- Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program.

- Work directly with CRO (Chief Risk Officer) and various functional teams to facilitate risk assessment and risk management processes.

- Develop and enhance an information security management framework.

- Ensure consistent application of security policies and processes across all technology projects, systems, and services.

- Provide leadership to the enterprise's information security organization.

- Own and conduct Information Security awareness training/orientation for all company employees.

- Partner with business stakeholders across the company to raise awareness of Information Security processes.

- Ensure compliance with all applicable cybersecurity standards including ISO 27001, NIST, SOC-2 etc.

- Conduct periodic Vulnerability Assessment and Penetration testing (VAPT) of IT network.

- Work with 3rd party certification vendors to facilitate various Cybersecurity audits as per the regulatory requirements.

Required Knowledge & Experience:

- Minimum 8+ years of experience in a combination of risk management, information security and IT.

- Hands on experience on Azure & AWS Cloud is mandatory.

- Experience of common information security management frameworks, such as ISO/IEC 27001, SOC-2, NIST etc.

- Experience conducting Information Security training for various functional teams.

- Experience conducting Vulnerability Assessment and Penetration Testing of various cloud [AWS, MS Azure, GCP] based IT networks.

- Experience w.r.t framing and implementing various security policies and processes.

- Excellent written and verbal communication skills and high level of personal integrity

- Excellent presentation skills

- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.

- Experience with contract and vendor negotiations and management including managed services.

- Specific experience in Agile (scaled) software development or other best in class development practices.

- Experience with Cloud computing/Elastic computing across virtualized environments.

- Professional security management certification viz. CISM, CISSP etc. will be an added advantage.

Educational Qualification:

- B.E/B.Tech/M.E/M.Tech Computer Science/EE/E&C/IT