08/03 Chandni Ghosh
Senior Consultant at KNAV & Co.

Views:413 Applications:102 Rec. Actions:Recruiter Actions:61

Director - IT & Information Security Operations (10-15 yrs)

Navi Mumbai Job Code: 420060

Our client in Navi Mumbai is recruiting a Director - Security Operations.


The Director will draw on his/her experience in security operations, production system administration, change control, service management, and mature leadership skills to build and lead a world-class, global 24 x 7 x 365 operational capability.

Fundamental Objectives :

- Function as the senior-most responsible person ensuring the availability, coverage, and proper functioning of technical security controls across the organisation

- Work in partnership with control owners across Global Security

- Develop a proactive, automated regime to achieve and maintain these qualities across the entire estate of technical controls. Provide 24 x 7 x 365 monitoring and response to ensure that issues with controls are addressed within defined SLA

- Develop and maintain a lean operational model consisting of FTEs and managed services that effectively and efficiently delivers necessary outcomes

- Enhance operational formality by developing policies, runbooks, change control procedures, a service catalogue, and other related artifacts of a mature organization

- Cultivate and maintain deep working relationships with stakeholders throughout the organisation, built on strong personal and team capability, as well as a track record of execution. Foster a powerful team culture that serves to motivate and retain high performers.

Key Responsibilities :

- Work with internal stakeholders from Security, IT, and DevOps teams to inventory current operational security controls. Build out an internal service catalogue of these controls, understanding key attributes for each, such as customer, SLA, downstream impacts, etc.

- Work with control operators to identify RACI and resource requirements for operating each control, and where applicable, transition resources and responsibility for operating the control to self

- Leveraging direct and matrixed resources, build a team of intermediate managers and control operators with a core body of knowledge, and solution-specific knowledge as needed in order to support the mission. Develop a cross-functional knowledge management program so as to train new hires effectively on organisation environments and tools, ensuring broad diffusion of knowledge among the team. Develop strong, audit able processes and artifacts to ensure seamless continuity of operations

- Deliver 24 x 7 x 365 global operational capability, ensuring tool stack availability, coverage, and proper functioning. Work closely with colleagues in Identity and Access Management, Cyber, and Architecture / Engineering teams to deploy, configure, patch, operate, and decommission security hardware and software

- Commensurate with the senior level of this role, the candidate will develop and oversee the development of strategy, project plans, metrics, and presentations, among other artifacts. S/he will make effective use of financial and human resources to achieve organizational objectives. The ability to solve complex problems independently is critical

Required Competencies / Skills:

- Technical proficiency in network operations, such as the deployment, configuration, maintenance, and operation of switches, routers, gateways, DNS servers, VPN concentrators, etc.

- Technical proficiency in network security operations, such as the deployment, configuration, maintenance, and operation of firewalls, IDS, IPS, web proxies, email security systems, packet capture, flow analyzers, firewall rule analyzers, etc.

- Technical proficiency in system administration, such as the deployment, configuration, maintenance, and operation of enterprise-scale operating system installations of Windows and UNIX variants. Long-term scalable operations and maintenance thereof

- Technical proficiency in security operations, such as the deployment, configuration, maintenance, and operation of endpoint-based security tools such as those listed earlier in this job description

- Managerial competency to build and lead a 24 x 7 x 365 global operations capability. Includes the hiring and training of staff, development of policies and procedures, maturation of processes and change control, development of key artifacts, and the ability to interface with auditors with limited supervision. Willing to maintain coverage of emergency escalations around the clock (to be shared with delegate(s))

- Experience in setting strategic targets within an area of responsibility, developing a portfolio of projects to achieve the targets. Experience applying financial and human resources to projects and successfully achieving scope, schedule, and cost objectives.

- Outstanding people leader with the ability to motivate and empathize with others. Previous experience building, leading, and retaining teams of high performers

- Strong written and oral communications skills

Experience Required :

- 10+ years of work experience in IT and Information Security combined

- 5+ years working in information security

- 5+ years focusing on security control operations

- 5+ years in managerial capacity with >=5 direct reports

- 2+ years leading or performing production operations

- Demonstrated experience hiring and leading high performing teams

- Previous experience at or above the Director level (or comparable)

Office Hours: 10:00am - 7:00pm/11:am - 8:00pm/12 Noon - 9:00pm

Add a note
Something suspicious? Report this job posting.