IT- Security (Lead), 8 -16 years exp, Hyderabad, Pharma
This job offer is not available in your country.
IT- Security (Lead), 8 -16 years exp, Hyderabad, Pharma
Sai Life SciencesHyderabad, Secunderabad, In
30+ days ago
Job description
Responsibilities :
Process Implementation :
Work with process owner on the Implementation of Policies and procedures
Ensure new request for new process / procedure are delivered as agreed
Analyse the effectiveness of current process in order to Improve workflow effectiveness and perform design or redesign of process to improve the operational efficiency
Ensure process review calendar in place and conducted as per schedule and ensure complete Integration of all process and linkage to best practises
Work with team to manage alignment between defined process
Ensure new / changed process to communicate to all stake holders
Vulnerability Management :
Validation of VA Scope on Half-yearly basis
Coordination with Security Team / EY for performing VA as per the Scope
Review Half-yearly VA reports received from EY with Security Team and Publish to Technology SPOC for remediation
Coordinate with Technical Teams on remediate status on review remediation evidence
Publish VA Report and Dashboard to stakeholders
Perform Trend analysis on Vulnerabilities
Review process of an annual basis or as and when there is change and suggest Improvements and modifications
Customer RFP Responses :
Respond to Compliance Questions in RFP
Coordinate with Technical teams on Responses
Discuss and Obtain Concurrence on Deviation in Compliance Requirements
Access Management :
Review and Process logical access to third party and vendor to Infrastructure for collaboration
Review of logical and Physical access controls
Ensure Implementation of access control polices on Infrastructure devices and physical Locations
Build and Maintain access baseline as per roles and Responsibilities
Continuous improvement in access control framework such as automation
Review Hardening Baselines in line with updated CIS benchmarks
Review access control Policies and procedures for change and incorporate appropriately
Audits :
Ensure Internal audits are carried out as per schedule
Coordinate with Teams during audit
Collate, review and submit the evidence from teams to audit within agreed timelines
Ensure Audits are carried out as per schedule
Coordinate with Teams during audit
Collate, review and submit the evidence from teams to audit within agreed timelines
Follow-up on post audit remediation and closures of findings
Risk Assessments :
Perform Risk Assessment for IT Infrastructure and Components in ISMS scope for India, US and UK
Prepare Risk Dashboard and Publish to stakeholders
Track Risk Remediation and Ensure Remediation
Ensure participation in Management forum and provide Update on ISMS
Track and close actions Identified in MR
Participate in the weekly meeting and Monthly Digital Operations Review Meeting
Track and close actions Identified in Digital Operations Review
Develop, enhance Cyber Security solutions / Services roadmap, services catalogue and team
Evaluate and implement Cyber Security, Information Security solutions, in line with market treads and Business requirements
Build partnerships with Security products and solution providers capable of delivering solutions globally
Lead, strategize team training in Security solution and products
Qualifications :
Should have at least 10 years of experience in IT Services / Professional Services
Should have prior experience playing a role of a manager or lead or head of information security practice in a pharma or IT Services company
Experience in Cyber Security, Information Security as a leader, with experience leading strategic initiatives, establishing partnerships and teams
Need experience building a practice, team and in leading & owning the cyber security practices for the organization
Certified ISO auditor and hands of experience in implementing and manging the ISO 27001 framework
Should be able to work independently and interact with functional team members to achieve targets Roles and Responsibilities