Quess
Application Onboarding & Security Lead (7-12 yrs)
posted 1d ago
Flexible timing
Job Summary :
We are seeking a highly motivated and experienced Application Onboarding & Security Lead to manage our application onboarding processes and enhance our overall security posture. This role is pivotal in ensuring smooth application integrations, robust risk management, and adherence to security and compliance standards. You will lead a team, implement best practices, and collaborate with various stakeholders to maintain a secure and efficient IT environment.
Responsibilities :
Application Onboarding Leadership :
- Lead and mentor the Application Onboarding team, fostering a culture of continuous improvement and efficiency.
- Develop and streamline application onboarding processes to ensure seamless integration and minimal disruption.
- Establish and maintain clear onboarding documentation and procedures.
- Monitor and report on onboarding metrics to track performance and identify areas for improvement.
Risk Management & Security Enhancement :
- Conduct comprehensive risk assessments for new and existing applications, identifying potential vulnerabilities and threats.
- Develop and implement effective risk mitigation strategies and security controls.
- Perform regular security audits to ensure compliance with internal policies and external regulations.
- Implement and manage Data Loss Prevention (DLP) policies tailored to specific application needs.
ITIL/ITSM Implementation & Management :
- Implement and manage ITIL/ITSM best practices, processes, and tools to enhance service delivery and incident management.
- Ensure adherence to incident management, change management, and problem management processes.
- Drive continuous improvement initiatives to optimize IT service management.
Compliance & Security Audits :
- Perform regular security audits to identify vulnerabilities and ensure compliance with frameworks such as AWS Security Framework, ISO 27001, and GDPR.
- Assess and ensure compliance with privacy and security regulations.
- Identify root causes of security and compliance issues and implement effective resolutions.
Machine Learning Bias Detection :
- Detect and analyze bias in machine learning models, working closely with data science teams to implement bias mitigation strategies.
- Ensure that AI/ML systems are compliant with regulatory requirements.
Security Awareness & Training :
- Develop and deliver security awareness training programs to promote a strong compliance culture throughout the organization.
- Educate employees on security best practices and policies.
Stakeholder Communication & Collaboration :
- Effectively communicate with stakeholders, including customers, CVM Team, Security, and AoM Train, to ensure alignment and collaboration.
- Evaluate potential new solutions that simplify the compliance process, inform the capability roadmap, and mitigate risks.
- Understand business benefits and challenges to decide on solutions for inclusion in releases.
Requirements :
Technical Expertise :
- Extensive experience in Risk Assessment & Analysis, Internal Controls Evaluation, Compliance Management, Access Provisioning, IT Governance, Audit Support, Data Analysis, Stakeholder Management, Project Management, IT Service Management, Incident Management, and Change Management.
- Strong understanding of Cybersecurity principles and practices.
- Proficiency in ITIL Process Management and continuous improvement methodologies.
- Knowledge of AWS security framework, ISO 27001, and GDPR.
Leadership & Communication Skills :
- Exceptional leadership abilities with a proven track record of managing and mentoring teams.
- Strong communication, problem-solving, and decision-making skills.
- Ability to articulate complex technical concepts to both technical and non-technical audiences.
Analytical & Problem-Solving Skills :
- Ability to analyze complex data and identify trends and patterns.
- Strong problem-solving skills with the ability to develop and implement effective solutions.
- Ability to evaluate new compliance solutions.
Compliance & Regulatory Knowledge :
- In-depth knowledge of relevant security and compliance regulations and standards.
- Experience assessing compliance with privacy regulations.
Certifications (Optional but Preferred) :
- ISO 27001:2013 ISMS Lead Auditor
- Certified Scrum Master
- CCSK (Certificate of Cloud Security Knowledge)
Key Performance Indicators (KPIs) :
- Time taken for application onboarding.
- Reduction in security incidents and vulnerabilities.
- Compliance audit results.
- Effectiveness of security awareness training.
- Adherence to ITIL/ITSM processes.
- Reduction of bias in ML models.
- Stakeholder satisfaction.
Functional Areas: Other