Position: Cyber Risk Management Lead, Noida

Department: Information Technology | Role: Full-time | Experience: 5 to 10 Years | Number of Positions: 1 | Location: Noida

Skillset:

Cyber SecurityRisk Assessment, AWS Cloud Implementation, IT Infrastructure, Email Security, Server Security, Cloud Security, SOC 2 Assessment, RFPs, Office 365 Security, Firewalls, HIPPA, Excellent English communication skills

Job Description:

We are seeking a Cyber Risk Management Lead to identify and remediate or mitigate risks. Candidate should have effective task management skills and the ability to communicate effectively. The individual must be able to rapidly respond to security incidents and should have at least 5 years of relevant experience in Cyber security Risk management. Candidates Should have deeper understanding with some hands-on experience on enterprise IT infra components such as O365 suite, advanced firewalls, IPS/IDS/HIPS, routers/switches, VPN, proxy, AV/EDR, DNS, DHCP, multi factor authentication, virtualization, Email systems/security, Web Proxy, WAF, DLP etc. along with cloud environments like AWS (Must), Azure etc.

• Understanding applicable regulations, guidelines, and industry best practices to manage risk and ensure compliance

• Developing, maintaining, or auditing security documentation such as policies, standards, and procedures

• Monitoring security internal control effectiveness for EDR, Email Security, Server security, Cloud security etc

• Conducting internal security assessments to ensure continued compliance

• Explaining roles in managing risk to cross team functions and getting buy-in to improve the organizational risk posture

• Managing SOC 2 Type 2 assessment and provide adequate support for collecting relevant evidence for all relevant controls

• Should be able to review RFPs (request for proposal) and provide responses for Cyber security related items

• Manage Risk Governance

• Implement/govern AWS Cloud and Office 365 Security

• Manage and support internal and external audits

• Follow up till closure on audit findings if any

• Manage dashboards and reports to keep track of priority events for IT and IS

• Create MOM for Board Meetings

• Vendor Evaluation for cyber security controls

• Firewall rules review for On-premises and AWS firewall

• Security Awareness: Create materials PPT/e-mailers and provide training as needed

• Incident management and Business continuity

• CISO dashboard and success reports

• Meet with business team to understand their business requirements from cyber security perspective

• Has basic knowledge of audit requirements (SOC2, HIPPA, ISO27001, etc.)

• Understanding of respective industry best practices (e.g., NIST, ISO, OWASP, ITIL)

• At least one security certification is strongly preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)

• Prior experience of management of technology infrastructure is preferred

Additional Information:

• There are 2-3 rounds in the interview process.

• This is 5 days work from office role (No Hybrid/ Remote options available)

• Final round will be F2F (Mandatory)

Required Qualification:

Bachelor of Engineering - Bachelor of Technology (B.E./B.Tech.)- IT, CS, E&CE, MCA

With a Top Pharmacovigilance IT Products MNC