'%3e%3cpath d='M15.3069 13.1535H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 8.15347H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 3.30693H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3c/g%3e%3cdefs%3e%3cclipPath id='clip0_126_10407'%3e%3crect width='16' height='16' fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
Lead - Cyber Security Operations - KPO
Delhi NCRLead - Cyber Security - KPO
Job Description :
Job Title : Cyber Security Operations Lead Location Gurgaon
A. Position Summary :
The Security Operations Lead would be an executive who shall be entrusted to drive the agenda of the Information & Cyber Security of the Company in accordance with the established policies and procedures & implement the information security program through various initiatives by working closely with various stakeholder including external entities such as vendors / third parties and provide periodic updates to the senior management. This position shall report to VP, IT Infrastructure.
B. Key Responsibilities :
The candidate shall be responsible for the following :
Cyber Security Program :
a) Leads Security Operations to meet organization Cyber Security objectives & goals
b) Communicate & work closely with IT Team, where operational security issues are identified
c) Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness
d) Partners with SOC and Incident Response teams in the event of a security incident to ensure timely mitigation and remediation efforts are completed
e) Creates and maintains Cyber Security policies, procedure and control standards.
f) Produces high quality communication, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management
g) Maintains current knowledge with respect to technologies and products both in house and in the market.
h) Recommends effective changes to enhance defense and response procedures
i) Drives team to evaluate, tests, and selects security tools and products.
Technical Know-how :
a) In-depth knowledge of modern security concepts such as common attack vectors, malware, security analytics and threat intelligence.
b) Understanding of Cybersecurity Operations models and technologies (cloud, automation, orchestration, analytics, and risk-based approaches).
c) Excellent understanding of major regulatory and industry standards such as NIST and MITRE ATT&ACK framework.
d) Work closely with SOC partner, Cert-in and other similar bodies and act promptly on latest cyber threat advisories
e) Experience with Endpoint Detection & Response (EDR/XDR), automation (SOAR) and SIEM tools.
f) Ability to review, test (POC), finalize & propose Security tools, meeting organization requirements
g) Ability to review existing Cyber Security posture of the organization and highlight areas of improvements and potential gaps in cyber controls
h) Fair knowledge and hands-on experience in Antivirus, Patching, systems hardening and server & endpoint protection
i) Knowledge and hand-on on tools and technologies like - MFA, MDM, Data Discovery & Classification, NAC, Encryption, DLP, PAM, IPS/IDS, WAF, Firewall, Proxy, AD, O365, SOC operations, Proxy etc.
j) In-depth ability to review Vulnerability Reports and suggest/ propose remedial actions
k) Work closely with Security Partners and act promptly on Security Advisories and vulnerabilities
Stakeholder Management & Communication :
a) Ability to communicate technical ideas and strategies effectively to non-technical audiences, including executive leadership, via multiple mediums (e.g., written communications, verbal communications, presentations, etc.).
b) Cybersecurity Technology Trends - Demonstrates a strong understanding of emerging trends in the Cybersecurity technology landscape, including new technologies, processes, and ways of working. Able to determine the impact of technological advancement on the company's systems, applications, infrastructure, and practices.
c) Vendor / Contract Management - Ability to build effective relationships with third party providers, suppliers, and partners
Risk Management and Incident Response :
a) Perform information security risk assessments with respect to Company's functional security domains as well as 3rd party vendor environments on an ongoing basis and report any significant risks to the ISC / senior management.
b) Provide inputs for building Information & Cyber Security Risk metrics / dashboards & reports for parameters across various domains.
c) Ensure compliance to the Information and Cyber Security policy, procedures & standards of the Organization. Keep IT policies, procedures & runbooks updated
d) Control & facilitate the identification, response, investigation, remediation, and reporting of information security incidents
e) Managing the advance threat protection & strengthen the cyber incidents response framework & capabilities
f) Develop, implement, and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
g) Examine impacts of new technologies on the organization's overall information security.
C. Job Specifications :
Qualifications :
1. Diploma/ Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, related field, or equivalent training and/or experience.
2. ISO 27001 LA/ LI, CEH, CISA, CISSP or other Cyber Security Certifications would be an advantage
Experience :
1. Overall, 8-12 years of relevant experience in information security & crisis management. Preference shall be given to experience in Insurance tech , IT or BFSI.
2. Knowledge of information security standards such as ISO, PCI etc.
D. Key Technical Competencies :
1. Fair knowledge of regulatory guidelines, legislations, statutory requirements, and its application within the Company.
2. Good understanding of the information security principles, policies, practices, and implementation of next generation technologies
3. Understanding of the nature of cyber threats and risks to the Company's information assets
4. Ability to correlate information & cyber security issues & mitigation plan with the overall Company's strategy
E. Key Core/ Behavioral Competencies :
1. Candidate should be good at project management, written and oral communication skills
2. Candidate shall have ability to collaborate with functional teams and work closely on information security initiatives
Didn’t find the job appropriate? Report this Job
'%3e %3cpath d='M24 48C37.2548 48 48 37.2548 48 24C48 10.7452 37.2548 0 24 0C10.7452 0 0 10.7452 0 24C0 37.2548 10.7452 48 24 48Z' fill='%23333333' fill-opacity='0.8'/%3e %3cpath fill-rule='evenodd' clip-rule='evenodd' d='M22.5299 19.0115V19.5849V29.0154V31.5316C22.5299 32.3403 23.1967 33 24.004 33C24.8114 33 25.4784 32.3358 25.4784 31.5316V29.0154V19.5849V19.013L29.4885 23.0077C30.0627 23.5795 31.0044 23.5743 31.5733 23.0077C32.1421 22.441 32.1423 21.4975 31.5735 20.9308L30.1054 19.4684C30.0891 19.4504 30.0724 19.4329 30.0551 19.4156L25.0837 14.4634L25.0479 14.4264C24.9234 14.3024 24.7807 14.2055 24.6281 14.1358L24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946C24.0039 13.8983 23.3839 14.0068 22.9622 14.4268L22.9533 14.436L21.4743 15.9093C21.4615 15.9211 21.449 15.933 21.4367 15.9452L16.4286 20.934C15.8598 21.5008 15.8545 22.4389 16.4286 23.0108C17.0027 23.5826 17.9394 23.5827 18.5135 23.0109L20.0019 21.5283C20.0147 21.5164 20.0274 21.5043 20.0399 21.492L22.5299 19.0115ZM24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946L24.5952 14.1212Z' fill='white'/%3e %3c/g%3e %3cdefs%3e %3cclipPath id='clip0_99_1825'%3e %3crect width='48' height='48' fill='white'/%3e %3c/clipPath%3e %3c/defs%3e%3c/svg%3e "Scroll Up"){kind=small}