Sr Project Lead-Cloud & Infra Engg

About Birlasoft:

Birlasoft, a powerhouse where domain expertise, enterprise solutions, and digital technologies converge to redefine business processes. We take pride in our consultative and design thinking approach, driving societal progress by enabling our customers to run businesses with unmatched efficiency and innovation. As part of the CK Birla Group, a multibillion-dollar enterprise, we boast a 12,500+ professional team committed to upholding the Group's 162-year legacy. Our core values prioritize Diversity, Equity, and Inclusion (DEI) initiatives, along with Corporate Sustainable Responsibility (CSR) activities, demonstrating our dedication to building inclusive and sustainable communities. Join us in shaping a future where technology seamlessly aligns with purpose.

About the Job : The Technical Security Officer for Infrastructure & Operations helps deliver on the vision of I&O Security Managementand is accountable for information security maturity and compliance within the Global Infrastructure & Operations(GIO) scope. The role will assist in the development of long-term security strategies and manage its execution toensure the IT services and functions meet all mandated security standards & policies and effectively assesses &controls security risks.

Job Title : Sr Team Lead

Location: Mumbai & Pune

Educational Background ​​​​​​​: Bachelor's degree in Computer Science, Information Technology, or related field.Bachelor's degree in Computer Science, Information Technology, or related field.

Key Responsibilities : 

The overall target for this position includes:

● Assessments of risks, vulnerabilities, threats and compliance within the GIO zones

● Support and consult on security components from technical architecture & process design

● Implement and sustain the Group Standard Information Security Framework

● Help foster a culture of compliance and security awareness

● Manage IT Internal Controls for the global infrastructure scope in coordination with the GIO zone operations teams and relevant IT Security teams in the region.

● Develop, use and continuously improve a formal set of processes by which the organization can identify various security concerns, gaps and remedial actions to ensure the appropriate IT Security resilience of the infrastructure

Skills Required :

 ● Ensuring that compliance is measured, reported and implemented across the I&O scope. Including: o Information security standards and procedures o Information security regulatory compliance o Certification standards and requirements

● Establishing constant vigilance over critical information assets together with relevant other teams and manage security risks and threats associated with each asset

● Providing risk mitigation advice

● Supporting IT Internal Controls (MCS - Minimal Control Standards) compliance and issue management across both internal and external teams

● Preparing the basis for security relevant management decisions/approvals

● Providing information security support for projects and enquiries from other functions/stakeholders

● Responding to security incidents and report to appropriate parties

● Supporting regular internal/external audits

● Maintaining and improving processes for effective and accurate security/user administration ● Support a culture of information security awareness and risk prevention within Global I&O

● Collaborating with other key IT roles to ensure information security measures do not prevent the users executing their duties.

Key interfaces, stakeholder and relationships:

 Internal: Regional/ Global/ and Group IT Service Center (ITSC) Security teams, Holcim Security Operations Center, Global Infrastructure and Operations (GIO) zone teams, Application support teams, Internal Audit, Project Managers and Steering Committees.

External: Consulting Companies; Service Providers (Infrastructure & Security), External Auditors

PROFILE REQUIRED

Level of education/qualifications normally required:

● Graduate degree in Business or Management; Bachelor’s degree in Computer Science, Engineering, or a related discipline with an IT focus.

● Security certifications (CISSP, CEH, CISM, CISA, CRISC ITIL, CMMI, ISO 27001) would be an asset.

Specific work experience:

● 10+ years of experience in IT Security and other operational IT roles

● Broad technical security knowledge of IT services, technology and IT solutions. Specific expertise in one or more of the following would be a plus:

1. Cloud Security
2. Network Security
3. System/Infrastructure Security (servers, containers, serverless etc.)
4. Endpoint Security (mainly servers, containers etc.)

● Strong practical experience in risk & vulnerability assessments, penetration testing.

 ● Practical experience of security incident handling & response

● Strong knowledge of regulatory requirements and security policies and standards

Technical / functional skills:

● Strong knowledge and understanding of networking & infrastructure security, both on premise and in cloud (IaaS)

● Experience with Cyber Security incidents and response

● Ability to conduct deep technical research into issues and products.

● Ability to review technical architecture documentation for demand/ project/ change proposals for security related risks or compliance concerns.

● Ability to run information security audits and test cyber resilience

● Hands-on experience in managing security tools (EDR, SIEM, CSPM, Vulnerability management tool etc.)

Behavioural competencies:

● Ability to deal with difficult situations, unclear priorities and blocking stakeholders

● Ability to communicate openly and effectively with many diverse constituencies and stakeholder

●Ability to work decisively under heavy workload considering the criticality, urgency and extended work hours required to ensure the availability of the service in accordance to service level commitments

 ● Ability to work with multi-cultural and multi-located teams

● High willingness to drive transformation and continuous service improvement

● Strong customer / end-user / client service orientation

● Highly self-motivated and directed

● Keen attention to detail

● Capability for problem solving, decision making, sound judgment, assertiveness

Leadership and managerial abilities:

● Ability to champion new initiatives and technologies – “Change Leader”

● Strong relationship building and interpersonal skills

● Ability to manage specific security projects

Linguistic skills:

● Excellent English (written & spoken) - other languages are a plus