Divisional Information Security Officer (DISO)Location- Bangalore5Days work form officeInterview mode- MS teamsRequired immediate joiners max 15 to 30 days Notice period.Job ContextCybersecurity is now foundational for businesses to deliver on digital agenda as well as achieve committed objectives & outcomes. The divisional DISO role is created to lead the information security function across the division to ensure consistent and high-quality information security management in support of the division’s business goals.ResponsibilitiesThe divisional DISO is responsible for developing and implementing the division’s information security program with consultation from the central DISO organization. It involves, while enabling business to achieve their goals, identify, evaluate and mitigate risks to digital assets, intellectual properties, regulated data and reputation while ensuring statutory compliance. The divisional DISO leads with sound knowledge of cybersecurity technologies covering data centres, cloud, endpoint, network, applications and emerging technologies such as AI, ML, IoT, etc. as well as broader digital ecosystem. The person should be an integrator of people, process and technology within and from the ecosystem. DISO works proactively and assures not only confidentiality, integrity, and availability but also to the safety, privacy and recovery of information assets owned or processed by the business units and ecosystem partners. The divisional DISO articulates the impact of cybersecurity on digital business, and be able to communicate this to the business stakeholders, along with progress of security program & value to the business from time to time.TasksDevelop a comprehensive security program for the divisionDevelop the information security vision and strategy for the division that is aligned to division’s business priorities and enables and facilitates the business objectives, and ensures senior stakeholder buy-in and mandate.Implement, and monitor Information Management (IM) policy across division.Implement and monitor Incident response plan and procedures as laid down by the CISO organizationMonitor, track and drive cybersecurity awareness programs for the divisionOperate the security function Plan and manage the cybersecurity budget for the divisionAlign with CISO organization for integrated coordination in risk managementDrive cybersecurity projects within the divisionInnovate and proactively refresh policies and program to meet emerging needsContinuously evaluate cybersecurity needs, compliance, changes in security posture resulting from change in IT infrastructure, architecture, emerging threats, laws, standards, regulations and technologies.Build relationship with external ecosystem partners, service providers, industry peers, vendors to ensure that the division maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies. Work with divisions and extended IT leaders, member of the IT strategy committee, business leaders, non-IT functions, thus ensuring that the information security requirements are implicit in these architectures and security is built in the design.Establish governance and oversight of security programFacilitate operational oversight of security operations governance through the division’s cybersecurity committee.Provide periodic metrics-based progress report and develop appropriate KPIs to reflect improvements in value/performance/efficiency/compliance etc.RequirementsExperienceDemonstrated experience and success in middle management roles in risk management, information security, compliance, and cybersecurity in dynamic environment. Hands on experience in network, system, application, perimeter, endpoint, cloud and data centre security management, and security operations. Managing vulnerability using tools like Nessus, Qualys guard etc.Working in ISO27K environment, report preparing, leading internal and external security auditsKnowledge of ISO 27K, ISO20K, GDPR, COBIT, NIST, CSF frameworks/standardsSkills Ability to communicate effectively across the reporting chain, external and internal customers, leadership, peers etc.Excellent written and verbal communications skills, collaborative skills and effectively communicating technical stuffs to non-technical audience.Reasonably good analytical skills, ability to manage complex projects, under strict timelines as well as ability to work well in demanding, dynamic environment and meet overall objectives.Project management skills, financial/budgeting management, resource and schedule managementRelevant industry certification on cybersecurity is desirablePersonal CharacteristicsPoise and ability to act calmly and competently in high-pressure, high-stress situations. Strong problem solving and trouble-shooting skills.High level of personal integrity and maturity, as well as the ability to handle confidential matters.
Job Title
Security Officer