High Security

From 20 to 30 year(s) of experience

₹ Not Disclosed by Recruiter
- New Delhi

**Roles and Responsibilities**

**Job Title**

**Head of Security / Chief Information Security Officer**

**Job Overview**

**Responsibilities **and Duties**

Supports the business in implementing architecture and security systems to meet security and compliance requirements to drive down information security risk.

Defends the business by building and implementing security process and procedure to protect and respond to risk.

Promotes responsible behavior by improving the culture internally to ensure all staff are protecting against possible security incidents.

Continuous improvement by ensuring security updates and implemented as and when necessary.

Build the security team and help towards ISO27001 implementation.

Ensures security documentation and leads DoP through security compliance processes, accreditations, and/or authority to operate lifecycles.

Design security architectures to meet DoP’s data classifications' requirements, including privacy legislation and its impact on technical architecture.

Manage the development, refresh, and implementation of security

policies, standards, guidelines, and procedures.

Implements remedies for latest and emerging vulnerabilities.

Recognize areas for security improvements within the platform’s automation, access controls, network, automated compliance, alerting, and forensics

Define and support secure continuous delivery approaches including tooling and automated testing.

Provide regular reports auditing DoP’s current services and latest changes, as well as our internal practices.

Responsible for guiding the security teams in planning, implementing, and managing the overall system security strategy.

Implement new processes with the goal to optimize DoP's security system.

Recommend security systems based on findings of security inspection.

Establish & deliver centralized reporting within DoP on the effectiveness of the information & product security function and its performance against strategic objectives.

Prioritize design of the DoP Process Framework processes (including resource allocation) based on the agreed compliance requirements, business requirements and the underpinning IT.

Support/localize product & information security awareness, training, and education programs.

Establishing, prioritizing, and approving the compliance, regulatory & interface requirements, high level project planning, changes, improvements, and defect corrections.

Support a change control board which monitors and controls the ongoing processes and IT tool to meet current and new business requirements,

manage change requests and works with other systems/processes.

**Educational**

Bachelor’s degree in engineering, computer science, or computer

engineering.

**Certification**

Security specialist certification such as CISSP/CISM/CRISC or above preferred.

**Work **Experience**

20+ years in implementation/consulting experience with Security, Compliance, and Risk Management including a mix of hands-on technical architecture work along with compliance and oversight

Great understanding of ISO27001, certification/recertification, implement policy according to legislation

Security Auditing experience

Business process understanding, able to understand general business operation activities to avoid business down time.

Hands-on experience with secure networking design concepts, services such as DNS, HTTPS, and TLS, as well as securing software-defined systems.

Understanding of network security (incl. Network and Host IDS/IPS, WAF, SIEM, Antimalware, DLP, URL filtering, IDAM, SSO, other)

Experience with incident response, and understanding malwares such as worms, viruses and trojans and counter measures. Experience in designing architectures to meet security and compliance requirements for public sector entities.

Experience building Security documentation packages and leading organizations through Security compliance processes, accreditations, and/or authority to operate life cycles.

Experience presenting Security technical and compliance material to both

technical and non-technical DoP customers.

Experience in working with multi-functional teams and large teams especially in the public sector

Experience with Hybrid & Multi-Cloud security architectures.

Experience in the design, implementation, and certification of security controls.

Experience In developing and implementing security operating procedure

Experience of Root Cause Analysis

**Soft Skills**

Fantastic leadership skills (proven)

Problem analysis and resolution ability

Able to communicate well at senior and board level to help others understand risk.

Attention to detail.

Excellent organizational skills.

Strong team player.

Collaboration with various stakeholders across teams.

Capable of working independently.

Proactive initiative skills.
- Role:_IT Security - Other
- Salary:_ Not Disclosed by Recruiter
- I