JOB PURPOSE
To lead, develop, and manage the organization’s information security program by establishing security strategies, policies, and controls that safeguard data, systems, and operations. The role ensures a structured, risk‑aware, and compliance‑aligned environment while fostering a culture of collaboration, accountability, and continuous improvement.
ROLE SUMMARY
- Define and execute the organization’s information security strategy.
- Lead security governance, risk management, and compliance initiatives.
- Oversee implementation and operation of security technologies and controls.
- Manage security risk assessments, mitigation plans, and regulatory alignment.
- Develop and maintain security policies, frameworks, and procedures.
- Lead and mentor a team of information security professionals.
- Partner with business units to ensure well‑structured, security‑aligned operations.
KEY RESPONSIBILITIES
Security Strategy & Governance
- Develop and maintain a comprehensive information security strategy and roadmap.
- Establish, enhance, and enforce the organization’s security governance framework.
- Define and maintain policies, standards, and procedures that support secure operations.
Risk Management & Compliance
- Lead risk assessments, threat evaluations, and vulnerability analyses.
- Ensure compliance with relevant regulations, industry standards, and audit requirements.
- Coordinate with internal units to monitor, manage, and report on security risks.
Security Operations & Technology Oversight
- Oversee the deployment and management of security tools including SIEM, DLP, CASB, firewalls, and endpoint protection.
- Ensure confidentiality, integrity, and availability of information systems through effective controls.
- Guide incident response, security investigations, and corrective remediation activities.
Leadership & Collaboration
- Provide direction to the information security team and support their professional development.
- Partner with IT, risk, audit, and business teams to align security with operational needs.
- Promote a structured, responsible, and security‑aware culture throughout the organization.
Continuous Improvement
- Review and enhance security processes, technologies, and frameworks.
- Recommend strategic improvements to strengthen the organization’s security posture.
- Maintain documentation, reports, and metrics that support continual governance improvement.
SKILL AREA
Security Governance & Risk Management
- Security frameworks (ISO 27001, NIST, etc.)
- Policy development, risk assessment, compliance oversight
Security Technologies & Controls
- Experience with SIEM, DLP, CASB, firewalls, IPS/IDS, endpoint protection
- Monitoring, threat detection, identity and access management
Incident Response & Investigations
- Handling security incidents, investigations, and remediation
- Root cause analysis and structured incident reporting
Leadership & Strategic Planning
- Team management, mentoring, and stakeholder engagement
- Long‑term security roadmap and program development
Communication & Documentation
- Clear reporting to leadership and cross‑functional teams
- Creation of policies, procedures, and audit‑ready documentation
EXPERIENCE AND EDUCATIONAL BACKGROUND
Required
- Experience in a senior security or IT management role.
- Minimum 3+ years experience in Information Security, IT Audit, Risk Management, or related fields.
- Experience in multinational IT Services/ITES, fintech, or similar high‑regulation environments.
- Strong background with enterprise security tools (Endpoint, SIEM, DLP, CASB, IPS, firewalls).
- Proven ability to lead teams and establish structured security practices.
Preferred
- Bachelor’s degree in IT, Computer Science, MIS, or related field; Master’s degree or MBA is an advantage.
- Relevant certifications such as CISSP, CISM, CEH, or equivalent.
- Experience implementing or maintaining information security frameworks and compliance programs.
BENEFITS
- Competitive salary and benefits package
- Hybrid and a morning shift working hours
- Collaborative, supportive, values-driven and inclusive work environment.
- Professional development and career growth pathways