Director-Information Security

Bengaluru, Karnataka, India

Exotel

AI transformation partner for enterprises, driving increased revenue, reduced costs, and enhanced customer experience with Exotel solutions.

Location: Bengaluru, Karnataka, India

About the Role

 

We are seeking a strategic and experienced Director of Information Security to lead our organization’s information security program. This role will be responsible for safeguarding our information assets, ensuring compliance with industry standards, and managing security risks across all business operations. The ideal candidate will have extensive knowledge of risk management, business continuity, cloud infrastructure, and regulatory compliance.

 

Role Expectations

 

  • Balancing security posture with business realities

The candidate is expected to reconcile Exotel’s business interests and constraints with security requirements and help bridge the gap between them.

  • Collaboration with technology and product teams

The candidate is expected to work closely with the tech and product teams to ensure the best outcome from a product and security roadmap point of view without compromising on either. The candidate should be able to work with a pod of engineers and guide them on the technical work needed to close security gaps in the product.

  • Add business value from a Security POV

The candidate is expected not only to understand the security aspects of Infosec but also to understand the business value it adds, and to work with the pricing team to include security packs that can be sold to customers.

 

Key Responsibilities

 

  • Information Security Risk Management:
    Develop, implement, and maintain an information security risk management framework. Conduct regular risk assessments and ensure risks are effectively mitigated.

  • Business Continuity and Disaster Recovery (BC/DR):
    Establish, maintain, and test business continuity and disaster recovery plans to ensure operational resilience. Lead efforts to prepare for and respond to incidents.

  • Third-Party Vendor Risk Management:
    Oversee the assessment and management of third-party vendor security risks. Ensure compliance with security policies and standards among all vendors.

  • OWASP Vulnerability Management:
    Implement security measures based on OWASP guidelines. Regularly assess and remediate vulnerabilities in applications and systems.

  • Cloud Infrastructure Security:
    Maintain expertise in cloud security best practices and ensure secure configurations. Monitor cloud environments for compliance and security threats.

  • Customer Interaction:
    Serve as the primary point of contact for security-related inquiries from customers. Communicate security initiatives and policies to stakeholders.

  • RFP Management:
    Manage the security components of Request for Proposal (RFP) processes. Collaborate with internal teams to provide necessary documentation and assessments.

  • SOC Command Operations:
    Oversee Security Operations Center (SOC) functions, including incident detection, response, and management. Ensure effective monitoring and reporting of security events.

  • Brand Monitoring:
    Implement brand monitoring strategies to protect the organization’s reputation from potential security threats.

  • Implementation of Standards:
    Lead the implementation and maintenance of information security standards such as ISO 27001, PCI-DSS, SOC 2 Type, GDPR, and DPDP. Ensure ongoing compliance with these frameworks.

  • Networking Knowledge:
    Utilize networking knowledge to enhance security measures across all platforms and ensure secure network configurations.

 

Qualifications

 

Education:
Bachelor’s degree in Information Technology, Cybersecurity, or a related field; Master’s degree preferred.

Experience:
Minimum of 15 years of experience in information security, with at least 5 years in a leadership role.

Certifications:
Relevant certifications such as CISSP, CISA, or equivalent are highly preferred.

 

Skills:

 

  • Strong understanding of information security risk management principles.

  • Expertise in business continuity planning and disaster recovery.

  • Proficient in third-party vendor risk management processes.

  • Familiarity with OWASP and vulnerability management practices.

  • In-depth knowledge of cloud infrastructure security.

  • Excellent communication and customer interaction skills.

  • Experience managing RFP processes and documentation.

  • Strong leadership and team management abilities.

  • Knowledge of ISO 27001, PCI-DSS, SOC 2 Type, GDPR, and DPDP compliance.

  • Understanding of networking concepts and practices.

  • Strong technical knowledge and understanding to guide engineers in implementing the security aspects identified.

  • Strong understanding of the communication domain, to the extent that the applicability of compliance requirements (like GDPR, ISO, PCI-DSS, etc.) to the communication domain is well understood.


Tags: CISA CISSP Cloud Compliance GDPR ISO 27001 Monitoring OWASP RFPs Risk assessment Risk management RMF SOC SOC 2 Vulnerabilities Vulnerability management

Perks/benefits: Team events

Region: Asia/Pacific
Country: India
