Job Description: Group Chief Information Security Officer, Mumbai
The Group Chief Information Security Officer (GCISO) leads and oversees the information
security strategy and operations of our diversified conglomerate across 36 countries. The
GCISO is responsible for ensuring the confidentiality, integrity and availability of our data,
systems and assets, as well as managing the security risks and compliance requirements of our
diverse businesses.
The GCISO reports directly to the Group CIO and is a key member of the IT and Digital leadership
team. The GCISO works closely with the business unit leaders, IT heads, legal and
regulatory teams, and external stakeholders to align the information security vision and
objectives with the group's overall strategy and goals.
Key Responsibilities
• Define and implement the group-wide information security framework, policies,
standards, guidelines and best practices, in alignment with the industry benchmarks
and regulatory requirements
• Establish and maintain the information security governance structure, including the
roles, responsibilities, committees, processes and metrics to measure and monitor the
effectiveness and performance of the information security program
• Develop and execute the information security roadmap, budget and resource allocation,
and prioritize the initiatives and projects based on the risk assessment and business
impact analysis
• Lead and manage the information security team, including hiring, training, mentoring
and evaluating the staff, and ensuring their professional development and career
growth. The current team size is 10 FTEs
• Oversee the information security operations, including the identification, prevention,
detection, response and recovery from cyber threats and incidents, and the
implementation and maintenance of the security tools and technologies (Endpoints,
Perimeter, Monitoring, Attack Surface Monitoring, Brand Protection, Security
Orchestration system, Threat Intelligence, etc.)
• Coordinate and collaborate with the business units, IT teams, internal audit, legal and
compliance, and external partners and vendors to ensure the integration and alignment
of the information security policies and controls across the group. The Group CISO also
chairs the group CISO council and directs all the business CISOs.
• Promote and foster the information security awareness and culture among the
employees, customers, suppliers and other stakeholders, and provide regular
communication and reporting on the information security status, issues and trends
• Stay abreast of the latest information security developments, trends, threats,
vulnerabilities, best practices and standards, and provide strategic guidance and
recommendations to the senior management and the board
Key Requirements
• A bachelor's degree or higher in computer science, information technology, information
security, or related field, and relevant professional certifications such as CISSP, CISM,
CISA, CRISC, etc.