Navi Mumbai, MH, IN, 400708
Education / Qualification
- Bachelor’s degree in Computer Science, Information Technology or Engineering degree in any discipline with experience/ skills in Information Security/ Cybersecurity/ IT Security/ OT Security, etc.
- CEH/ CFIH/ CISSP/ CISM/ CRISC certifications are added advantage
Experience
- At least 10+ years of experience in Information Security/ Cybersecurity, primarily in IT Security Projects/ Assessments/ Implementation, Security Design/ Architecture/ Implementation/ Operations/ Reviews, IT Risk Assessment, Vendor Security and Risk Assessments, Cybersecurity Engineering, Business Case Preparation, Data Protection and Privacy initiatives, etc
Required skills:
- IT & Security Risk Assessment Frameworks and Processes
- Good knowledge in ISO 27001, NIST Cybersecurity Frameworks
- Network & Security Fundamentals with Hands-on experience preferred
- Knowledge/ Experience in Application Security/ SSDLC/ DevSecOps and Cloud Security
- IT/ OT Security Projects, Solution POCs/ Evaluations, etc
- Strong People and Project Management expertise in IT Security/ Information Security
Responsibilities:
-
Planning, Supporting and Driving various IT Security, OT Security, Cybersecurity/ Data Security and Privacy Projects/ Initiatives/ POCs, as needed
- Performing Security Reviews for IT/ Business Projects/ Requirements and Changes
- Assessing and managing risks, vulnerabilities, threats and compliance within the Region
- IT/OT Cybersecurity Assessment , Control Implementation and Support
- Ensure VAPT are embedded as part of our Application Development, Enhancement and Release Lifecycle Processes.
- Create, Review and Update Security Policies and Guidelines, as needed
- Cybersecurity Awareness Training and Campaigns
- Third Party/ Vendor Security & Risk Assessment
- Security Reviews and Approvals for Third Party/ External Accesses and Data Sharing
- Supporting the implementation of DevSecOps
- Participate in various internal forums/ working groups within Holcim on IT Security, Cloud Security, Application Security, SOC/ CSC and contribute to global security initiatives and projects
- Cyber/ Security Incident Response, Investigation, Root Cause Analysis, Corrective and Preventive Action Plans
- Data Protection and Privacy Initiatives
Work Location: Navi Mumbai, India (Hybrid working model as per company policy)