Director - Information Security

JOB TITLE: Director- Information Security

Location: Delhi/Mumbai/Bengaluru

Role Summary:

The Chief Information Security Officer (CISO) will lead the organization's information security strategy, ensuring the protection of data, systems, and networks. CISO will provide technical and administrative guidance on information security concerns and advocate for strategies to minimize business risks for the firm and its clients. This role involves overseeing information security, data privacy, and BYOD (Bring Your Own Device) policies to safeguard critical assets and align with business goals.

ROLE AND RESPONSIBILITIES:

Information Security Management:
• Develop, implement, and monitor comprehensive Information Security strategies, policies, and procedures.
• Perform risk assessments and identify vulnerabilities to mitigate potential threats.
• Ensure security standards align with industry best practices (ISO 27001, NIST, etc.).

Compliance assurance for new technology integrations - Ensure that the Firm complies with all relevant IT security regulations and standards when acquiring new technology.

Data Privacy Compliance:
• Implement and oversee data privacy programs to comply with GDPR, CCPA, and other relevant laws.
• Ensure proper encryption, access controls, and data protection measures are in place.
• Conduct regular audits to ensure compliance with data privacy regulations.

BYOD Management:
• Develop and manage a secure BYOD policy for employees to safely access corporate data.
• Monitor and control device usage to proactively prevent data breaches and unauthorized access.
• Ensure MDM (Mobile Device Management) systems are deployed for device tracking and security.

Cybersecurity Leadership:
• Oversee security architecture, firewalls, antivirus systems, and cloud-based protections.
• Prevention of internal data misuse and security breaches
• Implementing access controls, monitoring user activities, and promoting a culture of safety awareness.
• Manage incident response plans and lead resolution for security breaches.

Collaboration and Reporting:
• Collaborate with IT, Compliance, and practice specific teams to integrate security across operations.
• Provide regular updates and reports to the leadership team on cybersecurity posture and incidents.
• Develop budgets for security initiatives and optimize resource allocation.

REQUIRED SKILLS AND QUALIFICATIONS:
• Bachelor’s degree in Computer Science, Information Technology, or a related field; Master's degree preferred.
• 10+ years of experience in Information Security, Data Privacy, and IT leadership roles.
• Professional certifications: CISSP, CISM, CISA, or equivalent.
• Strong knowledge of data privacy laws (GDPR, HIPAA, CCPA, etc.).Experience implementing and managing BYOD policies and mobile security frameworks.
• Proven expertise in risk management, incident response, and cybersecurity governance.
• Excellent leadership, communication, and problem-solving skills. Read more