Consultant at Mahindra and Mahindra Ltd
Mahindra & Mahindra - Head - Shared CISO (12-18 yrs)
Head Shared CISO
Responsibilities & Key Deliverables:
- Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program
- Work directly with the businesses to facilitate risk assessment and risk management processes.
- Provide leadership to the enterprise's information security organization
- Act as an SME for overall IT security architecture across verticals / areas and risk vectors.
- Engage with functional heads and stakeholders to understand the security, compliance and privacy requirements needed to stay compliant.
- Strategize the security roadmap, implement systems, processes and governance to meet organisational security requirements.
- Develop IT strategy covering infrastructure, internal systems and processes, information security and business continuity plans.
- Ensure the necessary support systems and programs are employed so that audit requirements are met from both an internal and an external regulatory standpoint.
- Design and implement a comprehensive checklist to manage information security, including data security, application security, network security, endpoint security, secure logging and monitoring, cloud security, mobile security, etc.
- Ensure regular risk assessments and vulnerability assessments to identify potential security risks and develop and execute plans to mitigate these risks.
- Monitor the organization's computer networks for vulnerabilities and coordinate risk mitigation plans with other cybersecurity professionals.
- Ensure the organization's compliance with relevant industry regulations and data protection laws.
Experience:
- 12-15 years of experience in designing, implementing, and managing security systems, processes and tools in the area of security, compliance and privacy.
- Proven hands-on experience in creating, running, and managing information security systems, including but not limited to IDS/IPS, Firewalls, DDoS, WAF.
Industry Preferred
Qualifications: BE Telecommunication / Computer IT with certification in network professional