ASSOCIATE MANAGER

Department Details

Role Summary

Stakeholder Coordination • Serve as the primary liaison between business units, IT & functional leadership, and group cyber security teams. • Facilitate communication and alignment of cybersecurity initiatives across various stakeholders. • Stakeholder engagement & relationship building. • Collaborate with IT & business project team to incorporate security by design principle in all the digital projects. Operational Oversight • Manage and maintain the technology portfolio of enterprise information protection services. • Ensure regular maintenance and timely upgrades of security systems & services to prevent downtime and enhance performance. • Collaborate, lead and mentor the IT operations team, providing guidance and support to ensure high performance in delivering security services. • Plan and execute Cybersecurity projects, ensuring they are completed on time and within budget. • Work with business, internal IT and 3rd party vendor teams to promote and adopt security best practices. • Implement and monitor security measures to protect data and ensure compliance • Monitor security system performance and troubleshoot issues to maintain optimal operation. • Responsible for managing all service and change requests relating to security • Manage relationships with Security/ IT vendors and service providers to ensure quality and cost-effective services. • Work with Security partners to conduct and review regular security assessments (Pen tests, Vulnerability scans etc) of vendors and solutions (SaaS, IaaS providers, Managed Security Service Provider) Incident Detection & Response • Accountable for Security Incident Management. Maintain and improve security incident response procedures and playbooks. • Oversee the daily monitoring and review of security event activities and cyber threat landscape to ensure ongoing and continued maturity of the organization's security controls in close coordination with SOC & MSS team • Manage resolution of cyber security incidents and coordinate with engineering support for security systems. • Identify and diagnose potential threats, including root cause analysis and after-action reviews to ensure security controls defend the enterprise against potential cyber threats • Collect and analyses cybersecurity threats to develop a deep understanding and awareness of cyber threats and actor's tactics, techniques and procedures (TTP) to derive and report indicators that help organisations detect and predict cyber incidents and protect systems and network from cyber threats. • Proactively searches for undetected threats in networks and systems, identifies their indicators of compromise (IOCs), and recommend mitigation plan Reporting and Documentation • Develop & streamline process and procedures for efficient security operations. • Provide regular reports & metrics on service operations • Perform routine audits on security of the infrastructure and present findings. Governance & Compliance • Conduct periodic service review meetings with relevant stakeholders - both internal & external.

Key Responsibilities

• Ensure adherence to security controls and policies • Facilitate & drive Information Security Management System (ISMS) process across the organisation. • Develop and manage the IT operations budget, ensuring efficient allocation of resources. Knowledge and experience • At least 10+ years of experience in Cybersecurity with hands-on capability is network & other security technologies. • Knowledge & skills in managing security policies & standards in Microsoft Azure, Active Directory, Office 365, SharePoint platforms • Comprehensive understanding of Information Security Frameworks (e.g., ISO 27001, NISTCSF and Cyber Essentials) and Privacy regulations, including DPDPA & GDPR • Experience working with 3rd party partners including upstream service providers. • Working knowledge of SIEM, Identity and Access Management and Data Loss Prevention tools • Experience in managing vulnerability and patch management process • Working knowledge of different security architectures (SOA, Microservices etc) and potential security issues related to them PaaS, IaaS, SaaS and Hybrid cloud solutions. • Knowledge of security technologies such as IDS/IPS and Firewalls • Strong experience in delivering IT and OT risk assessment, developing control frameworks and implementation of security controls & process specific to OT/ IoT Key competencies/behaviours • Strong written and oral communication skills • Demonstrates a high level of flexibility. • Proactive; Influencer; Collaborative • Ability to prioritise effectively and see the big picture. • Ability to adapt to new technologies and learn quickly. • Problem identification, analysis and evaluation • Detail oriented, organised, and able to handle multiple priorities and timelines simultaneously.

Educational Qualifications

Required Education Qualification: MCA
Required Experience: 10 - 14 years