Security and Compliance Lead

Position to be filled: Security & Compliance Lead

Job Responsibility: Compliance, Regulatory, Risk assessments, SIEM, SOAR, Infra Security, Cyber Security

Minimum Qualification

Education: Bachelors degree in computer science, Information Technology, Cybersecurity, or a related field. Advanced degrees or relevant certifications (e.g., CISSP, CISM, CISA, CRISC) are highly desirable.

Experience: Minimum of 7 years of experience in IT security and compliance, with at least 3 years in a leadership role.

Job Duties:

Develop, implement, and maintain comprehensive security strategies, policies, and procedures.

Lead the design and implementation of security architectures and solutions to protect company assets.

Perform risk assessments and vulnerability assessments to identify and mitigate security risks.

Manage security incident response, including investigation, resolution, and reporting.

Ensure data integrity, confidentiality, and availability through robust security controls.

Continuously monitor and evaluate the effectiveness of security measures and make necessary adjustments.

Conduct regular compliance audits and assessments to ensure ongoing adherence to relevant standards and regulations.

Collaborate with internal and external auditors to facilitate audits and address any findings or recommendations.

Maintain detailed documentation of compliance efforts, policies, and procedures.

Stay current with changes in laws, regulations, and industry standards that affect the organizations compliance requirements.

Manage and mentor a team of security and compliance professionals, providing guidance and support.

Assign tasks, monitor progress, and ensure the team meets project deadlines and objectives.

Foster a collaborative and high-performance team environment.

Provide training and development opportunities to enhance the team's skills and knowledge.

Collaborate with other departments to ensure security and compliance requirements are integrated into all projects and initiatives.

Communicate security and compliance risks, strategies, and status to senior management and stakeholders.

Develop and deliver security awareness training programs for all employees.

Continuously monitor and evaluate the effectiveness of security and compliance programs.

Recommend and implement improvements to security and compliance processes and tools.

Evaluate and integrate new security technologies to enhance the organizations security posture. (ISO 27001, NIST, CIS Controls). Strong understanding of regulatory requirements and standards (e.g., GDPR, HIPAA, SOX, PCI-DSS).

Experience with risk management practices, including risk assessments, mitigation strategies, and incident response.

Proficiency with security technologies such as firewalls, IDS/IPS, SIEM, XDR, SOAR, endpoint protection, and encryption.

Hands-on experience with Security Information and Event Management (SIEM) systems for centralized logging, monitoring, and analysis.

Expertise in Extended Detection and Response (XDR) solutions for integrated threat detection and response across multiple security layers.

Responsible for their team success, manage team, Form new offerings as per the market trend

Implementation and management of Security Orchestration, Automation, and Response (SOAR) platforms to enhance security operations efficiency.

Identity and Access Management: Expertise in identity and access management (IAM) solutions and best practices.

Cloud Security: Experience with cloud security practices and solutions (e.g., AWS, Azure, Google Cloud).

Network Security: Strong understanding of network security concepts, including VPNs, VLANs, and secure network architecture.

Application Security: Knowledge of application security best practices, including secure coding, application testing, and vulnerability management.

Skills Preferred:

Strong technical skills with a deep understanding of IT security and compliance.

Excellent leadership and team management abilities.

Strong problem-solving and analytical skills.

Excellent communication and interpersonal skills.

Ability to work independently and as part of a team.

Strong organizational skills and attention to detail