india, Haryana, Gurugram

Full–time

Posted on: 4 days ago

Full–time

Posted on: 4 days ago

Job Requirements

Your key responsibilities will include:
Implementation of Zero Trust Framework.
Get ISO 27001 certification for the organization.
Manage cyber security operations.
Raise the awareness level of employees about cyber security.
Regular reporting & dashboards

Review the current IT & cyber security landscape, validate the current cyber security roadmap and make relevant changes as necessary.
Evaluation, comparison, finalization and implementation of necessary tools, technologies and processes inline with Zero Trust framework.
Assessment of current deployment and enhancement of Network Admission Control.
Assessment of current deployment and enhancement of Privileged Access Management.
Assessment of current deployment and enhancement of Identity & Access Management.
Implementation of cloud security controls.
Review the Operational Technology landscape & implementation of necessary tools & technologies for OT Security.
Evaluate the SIEM (Security information & event Management) tools and managed SOC (Security operations Center) offering available in the market. Prepare comparative for decision making & enrollment.

Assess the current policies and procedures.
Do the gap assessment from ISO 27001 perspective.
Revision of policies in accordance with ISO 27001, rollout of policies, adoption, adherence and Internal audits against the policies.

Get the vulnerability analysis and risk assessment performed regularly.
Based on the assessment report, remediate the security issues using existing tools and technologies.
Evaluation of available solutions in the industries to remediate the issues which can’t be fixed using the existing tools and technologies.
Analyze architecture of application & infrastructure before any platform is brought into the ecosystem.
Management & governance of cyber security operations handled by an outsourced agency.
Regular monitoring & reporting of the health of Cyber Security.
Ensure the adherence to the Security Policies and checklists before any application or platform is brought into the ecosystem.
Manage Endpoint protection and Endpoint Detection & Remediation deployment & operations - ensuring complete coverage - installed on all endpoints and servers, updating prevention policies on a regular basis, Application whitelisting/blacklisting, vulnerability monitoring and reporting.
Get the patching done on all endpoints and servers regularly based on the vulnerabilities detected by EPP and EDR tool, patches released by OEMs and other out of band patches.
Define and document security Incident management process.
Ensure the adherence to security Incident management process.
In case of any security incident, immediate remedial action to be taken, regular updates to IT Leadership and management.
Complete forensics of the incident to be performed, remedial action taken, root cause analysis done and corrective measures to be performed.
Tracking and understanding emerging security practices and standards.

Regular user awareness drills.
Regular communication to the employees.
Conduct employee trainings on good cyber practices.

Monthly cyber security health report - Adoption and benefit realization against the investment made.
Fortnightly dashboard to leadership team - Stats on Cyber defense, Incident.
Project plan and status for cyber security projects

8-12 years of experience (manufacturing experience would be an added advantage).
Technical knowledge on following technologies:
Perimeter Firewalls - Cisco, Palo Alto, Fortinet
NAC - Cisco ISE, Forescout
EDR - Sentinel, CrowdStrike
WAF - Akamai, Others
SASE, CASB, CSPM, Cloud Security
PAM - CyberArk, Arcos
Extensive experience in information security and/or IT risk management with a focus on security, performance and reliability.
Excellent written and verbal communication skills as well as business acumen and a commercial outlook.
Ability to manage senior stakeholders

GET IT ON

Google Play

india, Haryana, Gurugram