Position to be filled: Security & Compliance Lead

Job Responsibility: Compliance, Regulatory, Risk assessments, SIEM, SOAR, Infra Security, Cyber Security

Minimum Qualification

• Education: Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field. Advanced degrees or relevant certifications (e.g., CISSP, CISM, CISA, CRISC) are highly desirable.

• Experience: Minimum of 7 years of experience in IT security and compliance, with at least 3 years in a leadership role. 

Job Duties:

• Develop, implement, and maintain comprehensive security strategies, policies, and procedures.

• Lead the design and implementation of security architectures and solutions to protect company assets.

• Perform risk assessments and vulnerability assessments to identify and mitigate security risks.

• Manage security incident response, including investigation, resolution, and reporting.

• Ensure data integrity, confidentiality, and availability through robust security controls.

• Continuously monitor and evaluate the effectiveness of security measures and make necessary adjustments.

• Conduct regular compliance audits and assessments to ensure ongoing adherence to relevant standards and regulations.

• Collaborate with internal and external auditors to facilitate audits and address any findings or recommendations.

• Maintain detailed documentation of compliance efforts, policies, and procedures.

• Stay current with changes in laws, regulations, and industry standards that affect the organization’s compliance requirements.

• Manage and mentor a team of security and compliance professionals, providing guidance and support.

• Assign tasks, monitor progress, and ensure the team meets project deadlines and objectives.

• Foster a collaborative and high-performance team environment.

• Provide training and development opportunities to enhance the team's skills and knowledge.

• Collaborate with other departments to ensure security and compliance requirements are integrated into all projects and initiatives.

• Communicate security and compliance risks, strategies, and status to senior management and stakeholders.

• Develop and deliver security awareness training programs for all employees.

• Continuously monitor and evaluate the effectiveness of security and compliance programs.

• Recommend and implement improvements to security and compliance processes and tools.

• Evaluate and integrate new security technologies to enhance the organization’s security posture. (ISO 27001, NIST, CIS Controls). • Strong understanding of regulatory requirements and standards (e.g., GDPR, HIPAA, SOX, PCI-DSS). 

• Experience with risk management practices, including risk assessments, mitigation strategies, and incident response.

• Proficiency with security technologies such as firewalls, IDS/IPS, SIEM, XDR, SOAR, endpoint protection, and encryption.

• Hands-on experience with Security Information and Event Management (SIEM) systems for centralized logging, monitoring, and analysis.

• Expertise in Extended Detection and Response (XDR) solutions for integrated threat detection and response across multiple security layers.

• Responsible for their team success, manage team, Form new offerings as per the market trend

• Implementation and management of Security Orchestration, Automation, and Response (SOAR) platforms to enhance security operations efficiency.

• Identity and Access Management: Expertise in identity and access management (IAM) solutions and best practices.

• Cloud Security: Experience with cloud security practices and solutions (e.g., AWS, Azure, Google Cloud).

• Network Security: Strong understanding of network security concepts, including VPNs, VLANs, and secure network architecture.

• Application Security: Knowledge of application security best practices, including secure coding, application testing, and vulnerability management.

Skills Preferred:

• Strong technical skills with a deep understanding of IT security and compliance.

• Excellent leadership and team management abilities.

• Strong problem-solving and analytical skills.

• Excellent communication and interpersonal skills.

• Ability to work independently and as part of a team.

• Strong organizational skills and attention to detail