Job Description

1. JOB DETAILSJob TitleIT Security LeadDepartmentITBusiness UnitCorporateDirect Line Manager Job TitleIT Governance and Security ManagerLocation/ AddressCorporate Office, Delhi, IndiaPosition Code/ IdentityDate16 Sep 2022Version ControlVersion 1.02. JOB PURPOSEThe high-level overview of what the job is required to doContinuously architect and deliver IT Security solution and services to safeguard Averda Information and systemsPeople ManagementComply with Health, Safety and Environment policiesRisk Management3. QUANTITATIVE DIMENSIONSThe scope of responsibility of the job based on financial targetsNumber of employees directly managed1Number of employees indirectly managedBudget Responsibility value for current FYINR 00 per yearSales Responsibility value for current FYINR 00 per yearOther4. STAKEHOLDERSThe interactive network related to this jobinternal stakeholdersAll Averda employeesexternal stakeholdersIT consultants, partners, distributors, and resellers5. KEY ACCOUNTABILITIESResponsibilityIndicator/ InputTargets/ OutputContinuously architect and deliver IT Security solution and services to safeguard Averda Information and systemsUnderstand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and servicesDevelop and enhance an information security management frameworkCarry out vulnerability assessments of systems and processes, identifying potential vulnerabilities, to make recommendations to control any risks identified and to ensure they are implemented.GAP analysis reportAutomated security dashboardEnsure appropriate safeguards are in place to protect the companys information assetsDesign and implement administrative, physical and technical safeguards to protect information assetsIdentify, introduce and implement procedures, including checks and balances, to test these safeguards regularlyInformation security Safeguards implemented and regularly checkedConduct and complete annual information security reviews and audits as requiredEnsure that a yearly audit of all Information security assets and processes is conducted, covering data, systems, roles and responsibilities and partners / suppliersConduct internal Information security audit assignments / investigations whenever requiredPublished Audit reports covering all information security assets processes, for all audits conducted yearly, and on ad-hoc basisStandardize User ProfilesOversee the design and adoption of User Profiles(by Country, Project, Function, Role and Grade Level)Standardized User Profiles published and adoptedEnsure effective training programs are in place to increase security awareness across AverdaDevelop an information security awareness training programProvide classroom / online training to Averda staffTraining delivered to Averdas administrative staff on information security basicsEstablish compliance with global standardsEnsure the compliance of IT security processes with IT best practices standards such as ISO 27001 and NISTProvide the needed training to IT employees on the adopted IT standardsTraining delivered to IT personnel on IT best practices standardsReports on IT standards adopted, including gap analysisPeople Management(applicable for only Managers and above)Build the team, optimising talents and growing individualsManage the performance of the teamDevelop and maintain teamwork among all teams promoting the sharing of ideas and best practiceReport non-compliance cases and initiate actions as per Managing Capability and Discipline Concerns Policy80% Engagement Level of the team100% completion of Performance ManagementUnder performance addressedComply with Health, Safety and Environment policies(mandatory for all)Exercise due diligence towards health and safety of self and others in the organisationComply with the applicable HSE procedures, instructions, requirements, standards received from regulatory and statutory bodiesProactively report superior occurrences, events, violations and acts that may impact employee health, safety or environment100% complianceRisk management(mandatory; Line manager discretion)Analyse current risks and identify potential risks in the area of responsibilityReport the risk tailored to the relevant audienceBuild risk awareness amongst team by providing support and trainingWell defined risk in the result areaOn-Time and In-Full (OTIF) reporting6. COMPETENCIES6.1 QUALIFICATIONS and KNOWLEDGEQualificationsBachelors Degree in Computer Science, Information Systems, or any other IT related fieldKnowledgeSubject matter expertise in the areas of Information Security, IT governance, IT AuditingIT best practices certification (CISA, CISM, CISSP or ISO) is recommendedLanguage ProficiencyEnglish (fluent)6.2 Technical CompetenciesSystems Administration, technical support and troubleshooting, RCAMS Outlook, Word, Excel and PowerPointHigh level of project management skillsHigh level of planning and analytical skillsExcellent verbal and written communication skillsHigh level of awareness in the local market and key players and stakeholdersHigh level of awareness of the local competitive landscape6.3 Core CompetenciesDeliver: Consistently strives to deliver business results and exceeds customer expectationsCare: Develops rapport and works effectively with a diverse range of peopleInspire: Spots opportunities and creates innovative solutions in order to deliver business resultsInstils Discipline: Focuses performance that turns the strategy into the right actions at the right time in the right way to meet the growth objectivesIs Resourceful: Makes connections that arent obvious to others while building solutions and strategyDelivers Achievement: Owns the responsibility to build the capability and resilience of others, teams and Averda to achieveCommunicates Transparently: Confidently communicates in a clear, concise and open wayBuilds Teamwork: Encourages participation and commitment to Averda identity and measures own success through collective successFocuses Future: Directs the future of Averda and ensures commitment to deliver the strategy7. experIenceMinimum 7 years experience in Information security, IT Auditing, and risk managementAbility to write for different audiences, including drafting policies, processes, and proceduresExperience working with a global or multinational company in a relevant sector or industry Experience in Customer Service and Service Delivery using agreed Service Level Agreements

Ciel HR