High Salary: Information Security Lead

Job Description

About Us :

We reimagine the way enterprises work for the better. Enabling our clients to innovate on business models and drive game-changing efficiency with best-of-breed digital platforms.

Our digital platforms help clients capitalize on the inherent power of a connected enterprise. We do this by amplifying the human potential, crafting connected customer journeys, and exploiting the power of value networks.

Powered by native AI and automation capabilities, with security and scalability at the core, our digital platforms help enterprises discover & automate processes, digitize & structure unstructured data and unlock the power of the network by integrating enterprises. We drive digital transformation by delivering actionable intelligence and fulfilling our client&aposs vision of building a connected enterprise.

Key Responsibilities :

Leadership and Management :

- Lead, mentor, and develop a high-performing team of security professionals.

- Foster a culture of innovation, collaboration, and continuous improvement.

- Recruit and onboard talented security engineers to strengthen the team.

- Develop and implement the company&aposs security policies, procedures, and best practices to protect public cloud environments.

- Provide strategic direction and oversight for the information security function and initiate relevant projects.

Technical Expertise :

- Oversee the deployment, configuration, and management of appropriate security tools.

- Ensure robust security measures are in place to protect cloud infrastructure and applications.

- Assess new security solutions and tools considering the rapidly evolving threat landscape and business needs.

Collaboration and Communication :

- Collaborate with cross-functional teams to integrate security measures into business processes.

- Communicate security policies and procedures to stakeholders and ensure adherence.

- Engage with clients in pre-sales and post-sales scenarios to effectively demonstrate the company&aposs security posture to clients and prospects.

- Define incident response plans, manage security incidents, and respond appropriately.

- Manage relationships and negotiate contracts with security vendors and partners.

- Review client contracts for information security clauses to ensure the best interests of the company.

Governance, Compliance and Risk Management :

- Ensure compliance with relevant laws, industry standards, and regulations such as PCI DSS, GDPR, APRA, DORA, DPDPA, SOC 2, etc.

- Conduct and support regular security assessments, audits, and compliance checks to identify and mitigate risks.

- Prepare and present security reports to senior management and stakeholders.

Qualifications :

- Education : Bachelors or Masters degree in Information Security, Computer Science, or a related field.

- Certifications : CISM or CISSP certification is highly desirable.

- Experience : 18+ years of experience in security management, with at least 5 years in a senior role.

Skills :

- Strong leadership and team management skills.

- Knowledge of enterprise IT security technologies, including but not limited to Cloud Security, Firewalls, network security, Encryption, Authentication, IAM, Web Application Firewalls (WAFs), Privileged Access Management (PAM) etc.

- Application Security and DevSecOps experience

- Excellent communication and interpersonal skills.

- Proven ability to define incident response plans, manage security incidents and respond as per plans.

- Strong analytical and problem-solving abilities.

- Experience in interacting with clients across geographies.

- Knowledge and understanding of Infosec standards like ISO 27001 and PCI DSS, with experience in at least ISO 27001 implementation, auditing and certification.

- Sufficient understanding of Cloud Security framework across multiple service providers like AWS, Azure & GCP.

- Understanding of Enterprise Information Security risks and processes and technology risk management.

- Business Acumen - Ability to command the respect of not only peers, but also business management. Strong understanding of business requirements and processes as they relate to enterprise security architecture.

---