Lead - Talent Acquisition at U GRO Capital
Views:69 Applications:18 Rec. Actions:Recruiter Actions:15
U GRO Capital - Lead - Information Security (6-10 yrs)
About Us :
U GRO Capital Limited (formerly known as Chokhani Securities Limited), which was formed in 1993, is a BSE listed, Non- Banking Financial Company. The Company was acquired by Mr. Shachindra Nath, a seasoned financial services professional turned entrepreneur on July 5th, 2018 with a view to reinvigorate it as a SME & MSME focused financing platform catering to select sub-sectors within the market.
The Company has raised ~INR 950 Crores of Equity Capital from a diversified set of Institutional Investors and well-known family offices and has revamped its Board to include individuals with strong industry repute and deep domain experience. U GRO aims to build an institutionally backed SME financing platform basis deep sectoral knowledge and cutting-edge technology.
The Company would focus on giving loans to SME clients in Healthcare, Education, Chemicals, Food Processing/FMCG, Hospitality, Electrical Equipment & Components, Auto Components and Light Engineering segments. Our goal is to provide customized products to suit every financing requirement of our customers.
- Bachelor's Degree in Information Systems, Computer Science, Information Security or related field required.
- Masters in the similar field preferred.
Experience/ Industry - 6 - 10 years IT security or information security experience with a proven ability to engage with Senior Management and regulators.
- 4+ years- experience in implementing IT security controls in an organization.
- 2+ years of experience in Cloud Based Information Security
Key Responsibilities At UGRO Capital, the person would need to work closely with the business and IT teams to identify risks from internal and external environment and design, deploy and maintain adequate controls to reduce risks.
1) Cyber risk and cyber intelligence :
- Keeping abreast of developing security threats, and helping the management understand potential security problems that might arise from business plans, applications, infrastructure, partners etc
- Conducting a continuous assessment of current IT security practice. Running security audits and risk assessments and reporting on means to reduce risks and minimize threats.
- Protecting of Network security, Server security, Advanced treat Protection (ATP), SIEM (security incident event management), IPS/IDS, End User Security, Cloud Security products and solutions
2) Security architecture :
- Creating and implementing a strategy for managing risks. Planning, buying, and rolling out security hardware and software, ensures IT and network infrastructure is designed with best security practices standards.
3) Security operations :
- Real-time analysis of immediate threats, and triage when something goes wrong. Monitoring security vulnerabilities and hacking threats in network and host systems
- Developing and implementing business continuity plans.
- Conduct IT security risk assessments and Business Impact Analysis
- To undertake Vulnerability Assessment of OS, DB, Network/Cloud Infra and application manually as well as by using tools.
4) Data loss and cyber fraud prevention.
5) Identity and access management.
6) Program Management, Investigations and forensics
Additional Experience Details :
- Mandatory to have certifications more than one of the following; CISSP/ CISM/ ISO 27001(Lead Implementor) / Certified Ethical Hacker, CISA
- Experience with security technologies security products, firewalls, SIEM, IDS/IPS, encryption, DLP, OS compliance checkers etc
- Working knowledge of processes related to Disaster Recovery & Business Continuity
- Should be able to analyze VAPT reports and provide recommendations
- Exposure towards planning and conducting Information Security Audits.