Lead - It Security

Job Summary: We are seeking an experienced and highly skilled IT Security Lead to spearhead our cybersecurity initiatives, with a primary focus on managing and optimizing our Sophos perimeter security and Trend Micro endpoint and email security platforms, while also ensuring the continuous adherence to and improvement of our ISO 27001 Information Security Management System (ISMS).
The ideal candidate will be a hands-on technical expert, a proactive problem-solver, a strong leader, and a meticulous practitioner of security best practices and compliance.
Key Responsibilities: Information Security Management System (ISMS) & ISO 27001 Compliance: Lead the ongoing maintenance, operation, and continuous improvement of the organization's ISO 27001 certified Information Security Management System (ISMS).
Develop, review, and update information security policies, procedures, and guidelines in alignment with ISO 27001 requirements.
Conduct internal audits and facilitate external audits related to ISO 27001, ensuring all non-conformities are addressed and resolved efficiently.
Manage the information security risk assessment and treatment process, identifying, analyzing, and mitigating risks in accordance with the ISMS.
Oversee the implementation and effectiveness of ISO 27001 Annex A controls across the IT environment.
Promote a security-aware culture through regular training and awareness programs for all employees, aligned with ISO 27001 principles.
Maintain accurate and complete documentation for all ISMS processes, controls, and records.
Sophos Perimeter Security Management: Administer, configure, and optimize Sophos Firewall/UTM devices (e.g., Sophos XG Firewall, Sophos Central Firewall Management), including rule sets, policies, SDWAN, VPNs (IPsec, SSL VPN), and network segmentation.
Implement and manage advanced threat protection features such as Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), Sandboxing, Web Filtering, and Application Control within the Sophos ecosystem.
Monitor and analyze network security events, logs, and alerts from Sophos platforms to identify and respond to threats effectively.
Perform regular health checks, performance tuning, and firmware upgrades for Sophos perimeter devices.
Trend Micro Endpoint & Email Security Management: Administer, deploy, and manage Trend Micro endpoint protection platforms (e.g., Apex One, Vision One Endpoint Security) across all organizational endpoints (desktops, laptops, servers).
Configure and fine-tune endpoint security policies, including antivirus, anti-malware, ransomware protection, device control, data loss prevention (DLP), and vulnerability protection/virtual patching.
Manage and monitor Trend Micro Email Security solutions (e.g., Cloud App Security, Hosted Email Security) to protect against advanced threats like phishing, spam, business email compromise (BEC), and malware.
Oversee the centralized management, reporting, and incident response for Trend Micro products.
Ensure timely security updates and signature deployments for all Trend Micro agents.
Incident Response & Threat Management: Lead security incident response efforts, from initial detection and analysis to containment, eradication, recovery, and post-incident review, leveraging insights from Sophos and Trend Micro.
Conduct proactive threat hunting and forensic analysis using security tools and threat intelligence.
Analyze security alerts, logs, and vulnerability reports to identify potential breaches, anomalous activities, and emerging threats.
Develop and refine security incident response plans and escalation procedures, integrating them with the ISMS.
Security Operations & Best Practices: Identify security gaps, perform comprehensive threat and risk assessments, and propose effective mitigating measures.
Oversee vulnerability management activities, including regular scanning, assessment, and remediation of identified vulnerabilities.
Collaborate with IT infrastructure and application teams to ensure security is integrated into all stages of the system development lifecycle (SDLC) and IT operations.
Stay abreast of the latest cybersecurity threats, vulnerabilities, technologies, and regulatory changes.
Qualifications: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
6+ years of progressive experience in IT Security, with at least 2+ years in a lead or senior role.
Demonstrable expert-level knowledge and hands-on experience with: Sophos Perimeter Security solutions: Sophos Firewall/UTM (XG Firewall, SG UTM), including extensive experience with IPS/IDS, ATP, Web Filtering, SDWN, VPNs, and Sophos Central management.
Trend Micro Endpoint Security: Trend Micro Apex One, Deep Security, or similar endpoint protection platforms, covering advanced threat protection, device control, DLP, and centralized management.
Trend Micro Email Security: In-depth experience with Trend Micro Email Security solutions for inbound/outbound email protection, including anti-spam, anti-phishing, and advanced malware detection.
Proven experience in implementing, maintaining, and auditing an Information Security Management System (ISMS) in accordance with ISO 27001 standards.
Strong understanding of network protocols (TCP/IP, DNS), routing, switching, and common network security concepts.
Proficiency in security risk management frameworks and methodologies.
Experience with Security Information and Event Management (SIEM) platforms.
Excellent analytical, problem-solving, and organizational skills.
Strong written and verbal communication skills, with the ability to articulate complex security concepts and ISO 27001 requirements to technical and non-technical audiences.
Proactive, independent, resourceful, and capable of working effectively in a team environment and leading security initiatives.
Preferred Certifications (one or more highly desirable): ISO 27001 Lead Implementer (highly preferred) ISO 27001 Lead Auditor CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) Sophos Certified Engineer/Architect Trend Micro Certified Professional Comp TIA Security+ CEH (Certified Ethical Hacker) About the company: SAEL Group has emerged with a bold vision of establishing world-class renewable assets spanning the solar and biomass sectors, with a steadfast commitment to ensuring stable profitability.
We are utilizing agricultural waste as fuel to produce renewable power round the clock.
We have the largest capacity of waste-to-energy generation.
Already making strides in the renewable energy space, we aim to escalate our renewable capacity to 5 GW within the next 4-5 years by adding 100 MW of new biomass and 600 MW of new solar capacity annually.
This ambitious endeavor aligns with the Government of India's vision to achieve 500 GW capacity from renewable energy sources by 2030.
The SAEL Group is set to embark on a journey that combines organic and inorganic strategies, leveraging marquee investors and partners to realize our vision.
At the forefront of this effort is SAEL Industries, the pivotal entity responsible for raising growth capital across various business segments.
In addition to its overarching role, SAEL Industries is actively involved in Engineering, Procurement, and Construction (EPC) for the Group's upcoming renewable projects.
Furthermore, it takes charge of the Operation and Maintenance (O& M) activities for both existing commissioned projects and those on the horizon.
Through a comprehensive approach, SAEL Group is poised to make significant contributions to the Government's renewable energy targets, exemplifying our commitment to sustainable and impactful growth.

---