Cyber/Information Security Engineer - CISM/CISSP Certified (10-15 yrs)

Key Responsibilities :

Strategic Leadership :

- Serve as the primary advisor on all matters related to cyber and information on security.

- Collaborate with executive leadership to align security initiatives with business objectives.

- Provide thought leadership in emerging trends, threats, and best practices in cyber security.

Security Operations :

- Develop, implement, and maintain robust information on security policies, procedures, and standards.

- Conduct risk assessments, vulnerability scans, and penetration tests to identify potential threats.

- Respond to and lead incident response efforts for security breaches or attacks.

- Oversee the implementation of security technologies, including, firewalls, intrusion detection/preventionon systems, and endpoint protection.

- Collaborate with development teams to integrate security measures into the software development lifecycle (SDCL)

Lead SME - Cyber Security & Information Security

- Conduct threat modeling, code reviews, and secure design assessments for software products and platforms.

- Define and enforce secure coding standards, DevSecOps practices, and cloud security policies.

- Ensure platform resilience through robust identity management, encryption, and authentication mechanisms.

Compliance and Governance :

- Ensure compliance with relevant regulations, frameworks, and standards (e.g., VAPT, STQC, SOC2, ISO 27001, NIST, GDPR, HIPPA, CCPA).

- Conduct audits and assessments to evaluate compliance and identify gaps.

- Develop documentation for regulatory and client audits, including risk management plans and business continuity plans.

- Develop and maintain policies, procedures, and documentation to support security audits and client requirements.

Collaboration and Training :

- Work closely with software development, IT, and DevOps teams to integrate security practices into the SDLC.

- Provide training and awareness programs to employees on security best practices.

- Act as a liaison between technical teams and non-technical stakeholders, simplifying complex security concepts.

- Foster a security-first culture across the organization.

Technology and Innovation :

- Evaluate and recommend security tools and technologies to enhance the company's security architecture.

- Stay updated on the latest cyber threats and develop proactive measures to counter them.

- Lead initiatives to automate and streamline security processes.

Key Qualifications :

Educational Requirements :

- B. Tech in Engineering (Informaon Technology/Computer Science or equivalent).

- Add pritional Professional qualifications in Cyber Security, and/or related fields (Master's preferred).

- Certifications: One or more of the following certifications:

- Certified Information Systems Security Professional (CISSP)

- Certified Information Security Manager (CISM)

- Certified Ethical Hacker (CEH)

- CompTIA Security+

- GIAC Security Essentials (GSEC)

Skills and Competencies :

- Expertise in network security, cloud security, and application security.

- Strong understanding of regulatory compliance and security frameworks.

- Excellent problem-solving and analytical skills.

- Exceptional communication skills, with the ability to articulate complex security concepts.

- Ability to manage multiple projects and priorities in a fast-paced environment