Information Security Lead

About Us :

We reimagine the way enterprises work for the better. Enabling our clients to innovate on business models and drive game-changing efficiency with best-of-breed digital platforms.

Our digital platforms help clients capitalize on the inherent power of a connected enterprise. We do this by amplifying the human potential, crafting connected customer journeys, and exploiting the power of value networks.

P
owered by native AI and automat
ion capabilities, with security and scalability at the core, our digital platforms help enterprises discover & automate processes, digitize & structure unstructured data and unlock the power of the network by integrating enterprises. We drive digital transformation by delivering actionable intelligence and fulfilling our client's vision of building a connected enterprise.

Key Responsibilities :

Leadership and Management :

• Lead, mentor, and develop a high-performing team of security professionals.

• Foster a culture of innovation, collaboration, and continuous improvement.

• Recruit and onboard talented security engineers to strengthen the team.

• Develop and implement the company's security policies, procedures, and best practices to protect public cloud environments.

• Provide strategic direction and oversight for the information security function and initiate relevant projects.

Technical Expertise :

• Oversee the deployment, configuration, and management of appropriate security tools.

• Ensure robust security measures are in place to protect cloud infrastructure and applications.

• Assess new security solutions and tools considering the rapidly evolving threat landscape and business needs.

Collaboration and Communication :

• Collaborate with cross-functional teams to integrate security measures into business processes.

• Communicate security policies and procedures to stakeholders and ensure adherence.

• Engage with clients in pre-sales and post-sales scenarios to effectively demonstrate the company's security posture to clients and prospects.

• Define incident response plans, manage security incidents, and respond appropriately.

• Manage relationships and negotiate contracts with security vendors and partners.

• Review client contracts for information security clauses to ensure the best interests of the company.

Governance, Compliance and Risk Management :

• Ensure compliance with relevant laws, industry standards, and regulations such as PCI DSS, GDPR, APRA, DORA, DPDPA, SOC 2, etc.

• Conduct and support regular security assessments, audits, and compliance checks to identify and mitigate risks.

• Prepare and present security reports to senior management and stakeholders.

Qualifications :

• Education : Bachelors or Masters degree in Information Security, Computer Science, or a related field.

• Certifications : CISM or CISSP certification is highly desirable.

• Experience : 18+ years of experience in security management, with at least 5 years in a senior role.

Skills :

• Strong leadership and team management skills.

• Knowledge of enterprise IT security technologies, including but not limited to Cloud Security, Firewalls, network security, Encryption, Authentication, IAM, Web Application Firewalls (WAFs), Privileged Access Management (PAM) etc.

• Application Security and DevSecOps experience

• Excellent communication and interpersonal skills.

• Proven ability to define incident response plans, manage security incidents and respond as per plans.

• Strong analytical and problem-solving abilities.

• Experience in interacting with clients across geographies.

• Knowledge and understanding of Infosec standards like ISO 27001 and PCI DSS, with experience in at least ISO 27001 implementation, auditing and certification.

• Sufficient understanding of Cloud Security framework across multiple service providers like AWS, Azure & GCP.

• Understanding of Enterprise Information Security risks and processes and technology risk management.

• Business Acumen - Ability to command the respect of not only peers, but also business management. Strong understanding of business requirements and processes as they relate to enterprise security architecture.