Job description
Role and Responsibilities:
- Strategic Planning: Developing and implementing the organization's information security strategy, aligning security initiatives with business objectives, and ensuring that the cybersecurity framework supports overall organizational goals
- Risk Management: Identifying, analyzing, and mitigating risks related to information security. This involves conducting regular risk assessments and managing the organizations risk portfolio
- Policy Development: Creating and enforcing security policies that comply with relevant regulations and standards. Ensuring that policies evolve to meet changing business and regulatory environments
- Incident Response: Managing and responding to security incidents and breaches. This includes overseeing regular penetration testing to ensure that the companys defenses are adequate and hosting regular mock incident drills
- Team Leadership: Leading the cybersecurity team, managing its development, training, and performance. Advocating adequate resources and budgets to support cybersecurity initiatives
- Communication: Acting as a bridge between the cybersecurity team and the executive management team. Communicating risks and security issues to non-technical stakeholders in a way that informs decision-making
- Compliance and Audit: Ensuring compliance with industry standards and regulations such as ISO 27001 and SOC 2 Type 2. Performing internal audits and facilitating independent audits by third-party auditors
- Threat Intelligence: Analyzing and responding to emerging threats and vulnerabilities. This includes maintaining up-to-date knowledge of the latest cybersecurity threats and trends
- Security Architecture: Overseeing the design, development, and implementation of IT security systems. Ensuring that security measures are integrated into the organization's IT infrastructure
- Training and Awareness: Providing training and resources to incident handling personnel. Promoting threat awareness and ensuring that employees are aware of the organization's security policies and procedures
Prerequisites:
1. Technical Expertise:
- Network and Systems Security: Deep understanding of securing networks, systems, and applications.
- Cloud Security: Knowledge of securing cloud environments and services.
- Incident Response: Proficiency in managing and responding to security incidents and breaches.
- Threat Intelligence: Ability to analyze and respond to emerging threats and vulnerabilities.
2. Certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Ethical Hacker (CEH)
- GIAC Certified Incident Handler (GCIH)
3. Ethical and Integrity:
- Ethical Behavior: Upholding high ethical standards and ensuring the same within the team.
- Integrity: Maintaining trust and credibility by being honest and transparent in all actions.
Education
B.Tech/B.E. in Any Specialization
Key Skills
Skills highlighted with ‘‘ are preferred keyskills