Director- Security

Job description

Acuity Knowledge Partners

Acuity Knowledge Partners (Acuity) is a leading provider of bespoke research, analytics and technology solutions to the financial services sector, including asset managers, corporate and investment banks, private equity and venture capital firms, hedge funds and consulting firms. Its global network of over 6,000 analysts and industry experts, combined with proprietary technology, supports more than 600 financial institutions and consulting companies to operate more efficiently and unlock their human capital, driving revenue higher and transforming operations. Acuity is headquartered in London and operates from 10 locations worldwide.

The company fosters a diverse, equitable and inclusive work environment, nurturing talent, regardless of race, gender, ethnicity or sexual orientation.

Acuity was established as a separate business from Moodys Corporation in 2019, following its acquisition by Equistone Partners Europe (Equistone). In January 2023, funds advised by global private equity firm Permira acquired a majority stake in the business from Equistone, which remains invested as a minority shareholder.

For more information, visit

Position Title- Director

Experience Level-10 yrs

Department-IT

Location-Gurgaon

Job Summary

We are looking for a Senior Security & Environments Administrator to manage the security, infrastructure, and environment provisioning for a global ERP & CRM rollout. The ideal candidate will have extensive experience with Oracle Cloud Infrastructure (OCI), ERP security best practices, and DevSecOps methodologies. This is a hands-on role, ensuring secure, compliant, and optimised environments across development, testing, and production landscapes.

Key Responsibilities

Security & Compliance:

• Define and enforce security policies, role-based access controls (RBAC), and segregation of duties (SoD) within the ERP & CRM environments.

• Manage user access, authentication protocols (SSO, MFA), and identity management in Oracle Cloud and connected systems.

• Implement data security policies, including encryption, masking, and anonymisation, ensuring compliance with GDPR, ISO 27001, SOC 2, and other regulations.

• Conduct regular security audits, vulnerability assessments, and penetration testing to identify and mitigate risks.

• Monitor security logs and alerts, ensuring proactive threat detection and incident response.

Environment Provisioning & Management:

• Oversee the setup, configuration, and maintenance of non-production and production environments across ERP & CRM landscapes.

• Work closely with infrastructure teams, DevOps engineers, and database administrators to ensure optimal system performance.

• Develop and maintain environment refresh strategies, ensuring data consistency and minimal downtime.

• Manage disaster recovery (DR) and backup strategies, ensuring business continuity.

• Implement infrastructure as code (IaC) principles using Terraform, Ansible, or similar tools.

DevSecOps & Automation:

• Integrate security best practices into CI/CD pipelines, ensuring automated security testing in ERP/CRM deployments.

• Work with DevOps teams to automate environment provisioning, patching, and configuration management.

• Ensure compliance with secure coding, cloud security, and network security best practices.

• Manage secrets, keys, and privileged credentials using vault solutions (CyberArk, HashiCorp Vault).

Stakeholder Engagement & Governance:

• Act as the primary point of contact for security and environment management in the ERP & CRM program.

• Collaborate with business units, IT teams, and external vendors to align security and infrastructure strategies.

• Provide regular security and compliance reports to senior leadership and audit teams.

• Establish incident response and escalation procedures for security and environment-related issues.

Technical & Tool Expertise:

• Deep expertise in Oracle Cloud Infrastructure (OCI), Oracle ERP security, and environment management.

• Experience with identity and access management (IAM), role-based access control (RBAC), and security frameworks.

• Strong hands-on knowledge of cloud security, firewalls, VPNs, and network segmentation.

• Proficiency in CI/CD pipelines, DevSecOps tooling (SonarQube, Aqua Security, Checkmarx), and automation frameworks.

• Knowledge of Linux/Unix, scripting (Bash, Python), and database security (Oracle DB, SQL Server, PostgreSQL).

• Familiarity with security information and event management (SIEM) solutions (Splunk, Azure Sentinel).

Key Competencies

Required Skills & Experience

• 10 years of experience in security, infrastructure, and cloud environment management.

• Proven experience in securing large-scale ERP & CRM implementations (Oracle Cloud, Fusion, Salesforce, etc.).

• Strong expertise in security governance, risk management, and compliance (GRC) frameworks.

• Hands-on experience in environment provisioning, patching, and automation.

• Ability to analyse and resolve complex security and infrastructure issues.

• Excellent communication, problem-solving, and stakeholder management skills.

Preferred Qualifications:

• Certifications: Oracle Cloud Security, CISSP, CISM, AWS/Azure Security, CEH.

• Experience with hybrid cloud security models and zero-trust architectures.

• Exposure to container security (Kubernetes, Docker) and microservices security.

• Familiarity with blockchain, AI-driven security, or quantum encryption.