Talent.com
This job offer is not available in your country.
IT- Security (Lead), 8 -16 years exp, Hyderabad, Pharma

IT- Security (Lead), 8 -16 years exp, Hyderabad, Pharma

Sai Life SciencesHyderabad, Secunderabad, In
30+ days ago
Job description

Responsibilities :

Process Implementation :

  • Work with process owner on the Implementation of Policies and procedures
  • Ensure new request for new process / procedure are delivered as agreed
  • Analyse the effectiveness of current process in order to Improve workflow effectiveness and perform design or redesign of process to improve the operational efficiency
  • Ensure process review calendar in place and conducted as per schedule and ensure complete Integration of all process and linkage to best practises
  • Work with team to manage alignment between defined process
  • Ensure new / changed process to communicate to all stake holders

Vulnerability Management :

  • Validation of VA Scope on Half-yearly basis
  • Coordination with Security Team / EY for performing VA as per the Scope
  • Review Half-yearly VA reports received from EY with Security Team and Publish to Technology SPOC for remediation
  • Coordinate with Technical Teams on remediate status on review remediation evidence
  • Publish VA Report and Dashboard to stakeholders
  • Perform Trend analysis on Vulnerabilities
  • Review process of an annual basis or as and when there is change and suggest Improvements and modifications
  • Customer RFP Responses :

  • Respond to Compliance Questions in RFP
  • Coordinate with Technical teams on Responses
  • Discuss and Obtain Concurrence on Deviation in Compliance Requirements
  • Access Management :

  • Review and Process logical access to third party and vendor to Infrastructure for collaboration
  • Review of logical and Physical access controls
  • Ensure Implementation of access control polices on Infrastructure devices and physical Locations
  • Build and Maintain access baseline as per roles and Responsibilities
  • Continuous improvement in access control framework such as automation
  • Review Hardening Baselines in line with updated CIS benchmarks
  • Review access control Policies and procedures for change and incorporate appropriately
  • Audits :

  • Ensure Internal audits are carried out as per schedule
  • Coordinate with Teams during audit
  • Collate, review and submit the evidence from teams to audit within agreed timelines
  • Ensure Audits are carried out as per schedule
  • Coordinate with Teams during audit
  • Collate, review and submit the evidence from teams to audit within agreed timelines
  • Follow-up on post audit remediation and closures of findings
  • Risk Assessments :
  • Perform Risk Assessment for IT Infrastructure and Components in ISMS scope for India, US and UK
  • Prepare Risk Dashboard and Publish to stakeholders
  • Track Risk Remediation and Ensure Remediation
  • Ensure participation in Management forum and provide Update on ISMS
  • Track and close actions Identified in MR
  • Participate in the weekly meeting and Monthly Digital Operations Review Meeting
  • Track and close actions Identified in Digital Operations Review
  • Develop, enhance Cyber Security solutions / Services roadmap, services catalogue and team
  • Evaluate and implement Cyber Security, Information Security solutions, in line with market treads and Business requirements
  • Build partnerships with Security products and solution providers capable of delivering solutions globally
  • Lead, strategize team training in Security solution and products
  • Qualifications :

  • Should have at least 10 years of experience in IT Services / Professional Services
  • Should have prior experience playing a role of a manager or lead or head of information security practice in a pharma or IT Services company
  • Experience in Cyber Security, Information Security as a leader, with experience leading strategic initiatives, establishing partnerships and teams
  • Need experience building a practice, team and in leading & owning the cyber security practices for the organization
  • Certified ISO auditor and hands of experience in implementing and manging the ISO 27001 framework
  • Should be able to work independently and interact with functional team members to achieve targets Roles and Responsibilities