Manager - Cyber Security

No.

Key Accountabilities

1.

Review and understand the Scope and define technical security requirements of cyber security systems.

2.

Execution of all security initiatives across the APSEZ business sites through robust project management in line with the group strategic plan, including:

• Timely tracking for Security initiatives.
• Coordinating with OEM for agreed SOW for implementation and the due dates for the deliveries.
• Ensuring the defined standards (internal or external).
• All deliveries and work done should comply with the agreed standards.
• Ensuring acceptable criteria defined as the minimum requirements for accepting deliverables.

3.

Coordinate with IT Heads, Application, Infrastructure & Governance team for all InfoSec related Cyber compliance, Audit Observations, training and operational issues, 

4.

Coordinate with Infrastructure and system owners and custodians for Cyber Security issues.

5.

Active participation in APSEZ specific technology evaluation from security perspective, prepare detail evaluation sheet and manage POCs related to IT and OT security initiatives.

6.

Coordinate with the Engineering services for OT related Cyber Security initiatives.

7.

Implementation of ISO27001 framework for all APSEZ sites, plan and execute successful certification for each site as per direction from group.

8.

Manage Info security trainings to users and internal security audits for all sites.

9.

Ensure baseline configuration compliance on all IT and OT assets - servers/network devices/Applications/Databases etc.

10.

Manage continuous risk management program to ensure the confidentiality, integrity and availability of the data. 

11.

Establish, monitor, and report on relevant performance metrics and applicable compliance metrics.

12.

Review existing cyber security processes, policies, standards and suggest enhancements in accordance with the best practices, if there are any gaps exist.

13.

Work closely with the Central Cyber Security COE for Operations, Projects, Audit, Assessment, Budget and other areas.

14.

Ensure End point security compliance such as Anti-virus, Encryption, DLP, Proxy etc. across all sites for APSEZ

15.

Adequate knowledge of ports OT systems protocols e.g. Modbus, DNP, S7 communication etc and network architecture

EDUCATIONAL QUALIFICATIONS:

(degree, training, or certification required)

• Bachelor's Degree in Engineering, Cyber Systems, Computer Science, or related field from a premier institute
• Certification in IT Audit and Cyber Security

 (e.g. CISSP,CISA,CISM,ISO27001)

• Project management certification (E.g. PMP) is a plus

RELEVANT EXPERIENCE: 

(no. of years of technical, functional, and/or leadership experience or specific exposure required)

• 8-10 years of experience in IT security management and projects
• Prior experience in manufacturing IT systems and applications is preferred but not mandatory.