Information Security Lead

• Leads IT security projects in terms of design, plan, and implementation of security infrastructure & solutions including development and management of overall enterprise security approach in terms of Infrastructure, Network, Data, Cloud and Endpoint Security.
• Analyse business requirements by partnering with key stakeholders across the organization to develop security solutions.
• Develop and review security-related documents such as SOPs, Process documents, Operational Reports & Metrics Dashboards, etc.
• Hands on experience with implementation of various security solutions, such as Cloud Security Solutions, Data Security Solutions, Network Security Solutions & Endpoint Security Solutions.
• Validate use cases and events configured on SIEM in coordination with SOC Manager.
• Develop & implement strategies for Infra and Application hardening.
• Prepare plan and strategies to ensure security of the organization including both high and low risk events.
• Identify & implement security best practices through fine tuning of appliances, solutions and applying audit recommendations.
• Well-versed and experienced in threat landscape, risk profiling and continuous improvement in security processes.
• Work with IT service providers and partners to ensure industry standard platform, network, and endpoint security posture is maintained.
• Lead vulnerability management and penetration testing activities for Infrastructure, improvise them and ensure closure as per the established practices alongwith analysing, reporting, and tracking of all the identified vulnerabilities.
• Work in collaboration with internal teams and other business units to identify and highlight security issues and ensure timely closure.
• Should be able to work under pressure and ensure that timelines are met, and projects and other initiatives are delivered in agreed timelines.
• Leads on the identification of data security and information protection risks across the organisation and works with stakeholders to develop and implement mitigation plans, escalating issues as appropriate.
• Help to achieve the highest standards of information security across the organisation.
• Implements measures to protect digital files and information systems against unauthorized access, modification, or destruction.
• Develops strategies to respond to and recover from a security breach.
• Coordinate’s security activities with relevant vendors.
• Working alongside the cross-functional teams & stakeholders in conjunction with Cloud Development, Architecture and DevOps teams to provide visibility of cloud security posture including security of Containers & Serverless environments.
• Day to day management, troubleshooting and housekeeping of security toolsets.
• Delivering and maintaining security metrics and improvements.
• Should have experience in presenting the overall Information security status to CISO with all security metrices for defined KPIs.
• Planning and implementation of automated remediation activities.

Larsen & Toubro