Vodafone Idea - Cyber Security Head - Information/Application Security (18-20 yrs) Mumbai (Others)
Mumbai, India
3d ago
source : hirist.com

Role : Head of Cyber Security

Job Level / Designation : L5

Function / Department : Technology Security

Location : Mumbai

  • Job Purpose To ensure that all critical information assets of Vodafone India are identified, classified, assessed and protected from Cyber-attacks.
  • To periodically identify security risks associated with the critical assets and ensuring that the same is mitigated adequately.
  • This role is also responsible for ensuring that the critical assets are integrated into the Security Event Monitoring System for 24X7 monitoring and ensuring that cyber-
  • attacks are detected and reported in time.

  • This role is also responsible for transforming and operating Technology Security baseline and security transformation projects (Application firewalls, IPS, DLP, GSOC, DDOS prevention, wireless IPS)with expected delivery under stringent deadline.
  • Design and implement projects for improving overall security and cyber security posture of the organization and meeting applicable requirements with expected delivery under stringent deadline.
  • Key Result Areas / Accountabilities :

  • Design, implementation & maintenance of a Cyber Security framework to periodically assess critical assets, risks, vulnerabilities, discover new risks, correlate the forensic analysis, integrate SOC intelligence and create a 360 degrees posture of cyber security.
  • Cyber Intelligence - identifying new threats and classification & assessment of critical information assets to identify risks associated with them and ensuring mitigation of the same.
  • This involves both internal assets & assets managed by third parties viz. vendors, partners etc.

  • This role is also responsible for ensuring that security controls are communicated during the design stage of a solution and ensuring that the same is implemented by conducting validation assessments.
  • This role is also expected to periodically conduct ethical hacking tests on critical infrastructure components & business / technology systems of Vodafone India to ensure that these assets are adequately protected.
  • This role has the authority to provide a security clearance for the go-live of systems / solutions. This role also has the authority to decide on the classification of risks, the mitigation controls for identified risks & acceptance of open risks.
  • Cyber Surveillance - Monitoring real-time incidents and events in SOC and Integration projects of critical telecom & non-
  • telecom assets into SIEM for 24X7 monitoring.

  • Cyber Discovery - Identifying relevant vulnerabilities in our environment (VA, PT, Appsec, MBSS, Sec Testing for 15K+ devices), Security planning and architecture, Security in IT demand management : Act as internal architect / consultant and front face for all new initiatives.
  • Evaluate all IT demands and review / recommend security requirements, controls. Risk evaluation and acceptance for controls. Risk tracking.

  • Cyber incident - Reporting incidents, coordination with Cert.in, DoT and Vodafone Group, Online reputation management and this role is also expected to provide security trainings & awareness sessions on privacy & security risk management to employees & partner personnel to ensure that people are made aware of the security & privacy requirements of Vodafone.
  • Proficiency in interacting with senior management.
  • Developing business centric security Dashboard and Reports.
  • Design and implement projects for improving overall security posture of the organization and meeting applicable requirements with expected delivery under stringent deadline.
  • Ability to co-ordinate and manage working group e.g. Pears, partners, regulators and cross function team members.
  • Strong team management, budget management and Internal or external governance.
  • Core Competencies, Knowledge, Experience :

  • Ensuring all cyber risks are identified and mitigated in Vodafone environment through proper discovery, detection, and mitigation of cyber-attacks.
  • Ensuring security risk assessment of critical business & technology processes & systems and also ensuring mitigation of identified risks, ensuring proper prevent ongoing attacks from external / Internal environment.
  • Also ensuring that security & privacy controls are incorporated from the design phase while development / conception of new business systems / processes.
  • Proactive cyber-attacks reporting and suggest mitigation controls against the attack, create threat intelligence on emerging indicators of compromise, technical intelligence.
  • Open source feeds, and dark web intelligence collection to ensure there is strong Cyber Intelligence to proactively detect and mitigate cyber-attacks.

  • Manage security testing program and Online reputation monitoring tool.
  • Ensure all IT Infrastructure security audits, execution of master calendar and SGP.
  • Oversee all internal & external audits pertaining to cyber security and tracking and closure of identified issues
  • Must have technical / professional qualifications - 12-15 years of full-time in Information Security and Cyber Security
  • Ethical Hacking, Vulnerability Assessment, Application Security& Penetration Testing
  • Cyber Attacks intelligence and designing of security controls
  • Decision making and problem solving capabilities
  • Ability to interact with senior individuals of the company to explain and connivance cyber security situation.
  • Years of Experience 18-20 years of experience in project management in Industries to look from Telecom, Banking
  • Ideal Organizations to look from As mentioned above industries
  • Direct reports : CTSO

    Step 2
    Add to favorites
    Remove from favorites
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form