Key Deliverables in this role

Financial Outcomes

• This role contributes to the organization's overall financial well-being by minimizing the impact of security incidents, reducing the risk of financial losses, and ensuring compliance with regulations to avoid penalties.

Customer Service

• Implementing measures for ongoing enhancement of security services, ensuring customer satisfaction and confidence in the Cyber capabilities
• Work with the broader IT organization and business management to align priorities and plans with key business objectives.
• Provide security communication awareness and training for audiences which may range from senior leaders to individual contributors.
• Work with IT leadership and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.

Internal Processes

• Recommend and facilitate the implementation of technical controls to support and enforce defined security policies
• Conduct and report on risk assessments and propose meaningful plans to protect the business
• Manage security projects and provide expert guidance on security matters for other technology projects
• Assessment and ongoing management of vendors applications and other third-party risks
• Work to ensure ongoing alignment with Audit and Compliance requirements as identified by the business
• Assist in the development and ongoing management of IT budgets and assess the ROI of existing security measures.
• Conduct and/or oversee periodic security audits
• Assist with the development and facilitation of enterprise Disaster Recovery and Business Continuity programs
• Responsible for working in a 24x7 Security Operation Center (SOC) environment
• Part of an on-call escalation process

Innovation and Learning

• Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software and analyze its impact on the existing environment

Critical success factors for the Role

• 12-14 years’ experience in Information Security Domain
• Bachelor’s degree in information security, Computer Science, or a related field. Relevant certifications (e.g., CISSP, CISM, GIAC) are a plus.
• Subject Matter Expert in information security Domain
• Third Party Risk Assessment
• Effective Incident Response and Management
• Vulnerability Management & Penetration Testing
• Continuous Monitoring and Analysis

Desirable success factors for the Role

• Strong understanding of security technologies, threat detection, and incident handling.
• Leadership experience with the ability to manage and mentor a team.
• Proficiency in SIEM tools (Microsoft Sentinel) and other security technologies.
• Excellent communication and stakeholder management skills.
• Knowledge of security policies, compliance standards, and best practices.
• Strong problem-solving and decision-making abilities.
• Innovation and Emerging Technology Awareness
• Threat Hunting Capabilities
• Incident Simulation and Tabletop Exercises