Lead Cybersecurity Mumbai

Job Description:

The incumbent will oversee and coordinate the information security efforts across the company. They will be
responsible for establishing and maintaining a comprehensive information security program to ensure that
information assets are adequately protected.

Cybersecurity Management:
 Develop and implement cybersecurity policies, procedures, and best practices.

 Support the business in planning and implementing cybersecurity initiatives.
 Evaluate and recommend to the management, the approaches to maintain a strong cybersecurity resilience
with best usage of available resources.
 Conduct regular risk assessments and vulnerability scans to identify potential threats and weaknesses.
 Monitor networks and systems for security breaches and promptly respond to incidents.
 Coordinate the analysis of security incidents, propose changes based on lessons learned.
 Analyse the IT environment and make recommendation for Disaster Recovery (DR), remote access, network
appliance, Server, application, and Endpoints.
 Develop and implement network security strategies, policies, and procedures.
 IT Management and Support
 Manage and coordinate work of external partners to deliver IT and cybersecurity related responsibilities.
 Provide guidance and support to other IT teams on security-related matters, including network security,
endpoint protection, and data encryption.
 Collaborate with IT team to integrate security measures into new and existing systems and applications.
 Lead or support IT projects with security implications, such as system upgrades, cloud migrations, and
software deployments.
 Liaisoning between operators, vendors, and Organization management on matters relating to cyber security.
 Review all processes and procedures around data protection and privacy and advise.
 Organization regarding any updates that may be required.
 Implement and provide necessary consultation for a Data Protection Impact Assessment (DPIA).
 Collaborate with IT teams to implement security controls, patches, and configuration changes to mitigate
identified vulnerabilities.
 Compliance and Governance:
 Will represent IT in SOX process, specifically for ITGC, ITAC and Business Process Controls
 Ensure compliance with relevant industry standards and regulations, such as SOX, NIST, ISO
 Maintain documentation and evidence of compliance activities for audit purposes.
 Assist in facilitating internal and external IT audits and assessments.
 Security prevention planning and maintain risk registry, ensuring remediations are aligned.
 Corporate acceptable cyber risk policy
 Training and Awareness:
 Lead and monitor user awareness training, tracking of training and phishing program coordinate with
corporate campaigns.
 Conduct cybersecurity awareness training for employees to promote a culture of security consciousness.
 Keep abreast of the latest cybersecurity threats, trends, and technologies and disseminate relevant
information to stakeholders.