Job Role & Purpose:
• Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems.
• Investigates major breaches of security, and recommends appropriate control improvements. Contributes to development of information security policy, standards and guidelines. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Investigates suspected attacks and manages security incidents. Uses forensics where appropriate. Acts as the single point of contact for the security-related program for internal and external stakeholders.
IT/Information Security Strategy
• Work with the Group IT Infrastructure Head to contribute to developing the IT/Information Security strategy and roadmap for the business, aligned with the business strategic goals and the business operating model.
• Contribute to security strategy and architecture by identifying gaps, evaluating, recommending and implementing solutions.
• Support the implementation of the IT/Information Security strategy aligned to business strategic priorities.
Information Security Program
• Identifying, developing and maintaining information security policies, procedures and guidelines to meet current needs, based on the ISO 27000 standard.
• Assist IT business units in identifying the vital business functions, assessing the CIA aspects and recommending necessary controls, preparing cost/budget.
• Identifying and documenting industry-standard compliance requirements (e.g. PCI-DSS, Data Protection, etc.) and bringing them to the attention of management along with possible recommendations of controls.
• Assist IT management in performing audits of information security policy and procedure compliance/assurance.
• Improving security posture by performing or facilitating vulnerability analysis, identifying issues and coordinating to implement controls, policies and procedures. Mentoring IT team members, answering technical and procedural queries from various stakeholders.
• Working with technical teams, business units, project teams including vendors to ensure security standards, policies and procedures are integrated into their design and processes.
• Participate in preparing business cases, solution evaluation and selection, RFP preparation, budgeting, etc. in a security consulting role to ensure the security aspects are integrated or taken care of.
• Lead suitable information security awareness, training and educational activities.
IT Security Operations
• Acting as SPOC for all security-related initiatives for internal and external stakeholders.
• Monitoring and analysing security alerts and logs, and distributing information to security, technical and business unit management personnel on a defined need basis.
• Monitoring and reviewing the logs and status of controls implemented for availability and continuity of critical assets (e.g. backup and replications, backup, HA/DR logs, tests and drills, etc.) in coordination with the respective technical teams. Providing periodic updates/reports and escalations to management as defined for any exceptions identified.
• Monitoring Security Incident & Event Management once implemented and initiating necessary actions and escalations based on identified patterns of malicious activity.
• Collect information and report on measures, KPIs, CSFs and KRIs related to Information/IT Security management as defined by management.
Security Incident Management
• Maintaining and developing the security incident response plan and incident models, and performing awareness and training for the people handling security incidents at various levels.
• Incident handling at the primary level following the developed and approved incident handling models. Develop new incident models on a need basis and submit them for management review and approval.
• Performing initial assessment of breaches, collecting forensics and recommending procedures for containment of a breach without compromising collection of evidence wherever possible, along with preparation of incident reports. Further evaluate, recommend and assist in implementation of approved security controls, tools and solutions based on incidents and oversight.