Cyber Security Manager

We are an executive search firm from Mumbai and are engaged into the recruitment business for the past 12+ years.

We are currently looking for an Cyber Security Manager for our leading client who is a diversified organisation in India comprising 6 publicly traded companies. It has world class transport and utility infrastructure portfolio that has a pan-India presence.

Job Description:

- 10+ years of experience in IT security management and projects

- 5+ years in security management work where progressive growth and supervisory experience has been demonstrated

- Prior experience in Mining IT & OT systems and applications is preferred but not mandatory.

- Knowledge of information technology security architecture components across a variety of platforms, including: SCADA systems, firewalls, IPS, IDS, ATP, SSL certificates, proxy and content filtering technologies, databases, and cloud services (CASB)

Educational Qualification:

- Bachelor's Degree in Engineering, Information Systems, Computer Science, or related field from a premier institute

- Certification in IT Audit and Information Security (e.g. CISSP, CISA, CISM, ISO27001)

Key Accountabilities:

- Review and understand the Scope and define technical requirements of information security systems.

- Develop security event calendar under guidance of Group CISO and BU CIO/ IT Head. Closely work with reporting manager and make sure security calendar is implemented.

- Execution of all security initiatives across the Corporate Services BU through robust project management in line with the group strategic plan, including:

- Timely tracking for Security Projects.

- Coordinating with OEM for agreed SOW for implementation and the due dates for the deliveries.

- Ensuring the defined standards (internal or external).

- All deliveries and work done should comply with the agreed standards.

- Ensuring acceptable criteria defined as the minimum requirements for accepting deliverables.

- Coordinate with third party vendors for Infrastructure and Application VA/PT across the landscape, prepare risk register, define priorities of gaps identified during VA/PT and mitigate the gaps with respective owners with agreed timeline given by reporting manager.

- Coordinate with Infrastructure and system owners and custodians for system availability.

- Active participation in Natural Resources specific technology evaluation from security perspective, prepare detail evaluation sheet and manage POCs related to IT and OT security initiatives.

- Ensure project execution and stakeholder coordination at Natural Resources.

- Implementation of ISO27001 framework for Natural Resources, plan and execute successful certification for each site as per direction from group.

- Manage Info security trainings to users and internal security audits for all sites.

- Ensure baseline configuration compliance on all IT and OT assets - servers/network devices/Applications/Databases etc.

- Manage continuous risk management program to ensure the confidentiality, integrity and availability of the data.

- Establish, monitor, and report on relevant performance metrics and applicable compliance metrics.

- Review existing cyber security processes, policies, standards and suggest enhancements in accordance with the best practices, if there are any gaps exist.

- Data leakage prevention implementation, monitoring and management of incidents across Natural Resources.

- Ensure End point security compliance such as EDR, Encryption, DLP, Proxy etc. across all sites for Natural Resources

- Adequate knowledge of ICS/OT systems protocols e.g. Modbus, DNP, S7 communication etc and network architecture.