Lead - Information Security - Education

Location - Delhi

Job description

The Information security Lead (ISL) is the head of IT security, driving the IT security strategy and implementation forward whilst protecting the business from security threats and cyber-hacking. Operational compliance to all ISO and other standards and regulations is the responsibility of the role.

ISL is also accountable for ensuring appropriate controls are in place for the security of information assets. The ISO safeguards information by seeing that security risks are identified, assessed and accurately reported. Additionally, the ISO is charged with ensuring local procedures and activities comply with all regulatory requirements and internal policies, procedures, guidelines and standards. The role is the center of competence for Information Security providing an advisory services role and acting as the focal point for security compliance related activities and responsibilities.

Qualifications:

- Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent.

- A Master's degree is highly desirable.

- Industry certifications will be a plus e.g. CISSP, CISSLP, SANS, CISA, CGEIT certifications

Experience

- 12-15 years of in-depth, hands-on working knowledge in Security assurance, application security, technologies and operational experience in a global environment.

- Strong exposure to application security and Secure Development Lifecycles and their application in an agile environment including the use of SAST and DAST assessment methodologies

Key responsibilities:

- Managing the daily operation and implementation of the IT security strategy

- Actively ensure appropriate administrative, physical and technical safeguards are in place to protect information assets from internal and external threats

- Conducting a continuous assessment of current IT security practices and systems and identifying areas for improvement

- Running security audits and risk assessments - Delivering new security technology approaches and implementing next generation solutions

- Overseeing the management of the IT security department, giving leadership to the team and developing staff

- Ensuring compliance and IT Governance framework for implementing supporting processes

- Driving change projects and building new IT capabilities

- Developing and implementing business continuity plans

- Protecting the intellectual property of the organization

- Devising strategies and implementing IT solutions to minimize the risk of cyber-attacks

- Communicating digital programmes and strategy to a range of stakeholders

- Managing the IT security budget and communicating this with the appropriate parties