Talent.com
This job offer is not available in your country.
Manager - Cyber Security

Manager - Cyber Security

Royal EnfieldGurugram, Haryana, India
30+ days ago
Job description

Job Requirements

Position title

Manager - Cyber Security

Reports to

Head – IT infrastructure

Job grade

Manager

Location

Gurgaon

Job Purpose

The Manager Cyber Security will be responsible for designing, building, testing and implementing security systems within the Royal Enfield IT landscape. The individual is expected to have a thorough understanding of complex IT systems and stay up to date with the latest security standards, systems and authentication protocols, as well as best practice on security products.

Key Responsibilities

Implementation of Zero Trust Framework :

  • Review the current IT & cyber security landscape, validate the current cyber security roadmap and make relevant changes as necessary
  • Evaluation, comparison, finalization and implementation of necessary tools, technologies and processes inline with Zero Trust framework
  • Assessment of current deployment and enhancement of Network Admission Control
  • Assessment of current deployment and enhancement of Privileged Access Management
  • Assessment of current deployment and enhancement of Identity & Access Management
  • Implementation of cloud security controls
  • Review the Operational Technology landscape & implementation of necessary tools & technologies for OT Security
  • Evaluate the SIEM (Security information & event Management) tools and managed SOC (Security operations Center) offering available in the market. Prepare comparative for decision making & enrollment

Get ISO 27001 certification for the organization

  • Assess the current policies and procedures
  • Do the gap assessment from ISO 27001 perspective
  • Revision of policies in accordance with ISO 27001, rollout of policies, adoption, adherence and Internal audits against the policies

    • Manage Cyber Security Operations

  • Get the vulnerability analysis and risk assessment performed regularly
  • Based on the assessment report, remediate the security issues using existing tools and technologies
  • Evaluation of available solutions in the industries to remediate the issues which can’t be fixed using the existing tools and technologies
  • Analyze architecture of application & infrastructure before any platform is brought into the ecosystem
  • Management & governance of cyber security operations handled by an outsourced agency
  • Regular monitoring & reporting of the health of Cyber Security
  • Ensure the adherence to the Security Policies and checklists before any application or platform is brought into the ecosystem
  • Manage Endpoint protection and Endpoint Detection & Remediation deployment & operations - ensuring complete coverage - installed on all endpoints and servers, updating prevention policies on a regular basis, Application whitelisting / blacklisting, vulnerability monitoring and reporting
  • Get the patching done on all endpoints and servers regularly based on the vulnerabilities detected by EPP and EDR tool, patches released by OEMs and other out of band patches
  • Define and document security Incident management process
  • Ensure the adherence to security Incident management process
  • In case of any security incident, immediate remedial action to be taken, regular updates to IT Leadership and management
  • Complete forensics of the incident to be performed, remedial action taken, root cause analysis done and corrective measures to be performed
  • Tracking and understanding emerging security practices and standards

    • Raise the awareness level of Employees about Cyber Security

  • Regular user awareness drills
  • Regular communication to the employees
  • Conduct employee trainings on good cyber practices

    • Regular reporting & dashboards

  • Monthly cyber security health report - Adoption and benefit realization against the investment made
  • Fortnightly dashboard to leadership team - Stats on Cyber defense, Incident
  • Project plan and status for cyber security projects

    • Work Experience

    Education

    Bachelor of Engineering / Technology - Computer Science / Information Technology

    Experience

    8-12 years of experience (manufacturing experience would be an added advantage)

    Technical knowledge on following technologies -

  • Perimeter Firewalls - Cisco, Palo Alto, Fortinet
  • NAC - Cisco ISE, Forescout
  • EDR - Sentinel, CrowdStrike
  • WAF - Akamai, Others
  • SASE, CASB, CSPM, Cloud Security,
  • PAM - CyberArk, Arcos

    • Extensive experience in information security and / or IT risk management with a focus on security, performance and reliability.

    Excellent written and verbal communication skills as well as business acumen and a commercial outlook

    Ability to manage senior stakeholders