Information Security Officer

Position Overview:

The Information Security Officer (ISO) will be responsible for developing, implementing, and overseeing information security protocols and practices within DICV.The ISO will collaborate with various departments to ensure compliance with industry regulations, identify potential vulnerabilities, and mitigate risks to safeguard our systems, data, and operations.

Experience: 7-12 Years

Location: Oragadam,Chennai (Transport facility will be provided)

Key Responsibilities:

Develop and Implement Security Policies: Design and implement comprehensive information security policies, procedures, and guidelines.

Risk Assessment and Management: Conduct regular risk assessments to identify potential threats and vulnerabilities. Develop strategies and measures to mitigate risks effectively.

Security Compliance: Ensure compliance with relevant regulations and standards such as ISO 27001, NIST, GDPR, and industry-specific requirements. Stay updated on emerging regulations and recommend necessary adjustments to policies and practices.

Incident Response: Lead the incident response process, including detection, analysis, containment, eradication, and recovery. Implement procedures to minimize the impact of security incidents and ensure timely resolution.

Security Audits and Assessments: Coordinate and participate in internal and external security audits and assessments. Address findings and implement corrective actions as necessary.

Security Architecture: Collaborate with IT and other departments to design and implement secure architectures for systems, networks, and applications. Ensure that security controls are integrated into the design and development processes.

Security Monitoring and Analysis :Analyze security logs and reports to identify potential threats and take appropriate actions.

Continual Improvement: Monitor industry trends, emerging threats, and best practices in information security. Continuously assess and improve the effectiveness of security measures and controls.

Security Awareness Training: Develop and deliver security awareness training programs for employees to promote a culture of security awareness and compliance throughout the organization.

Qualifications:

Bachelor's degree in Computer Science, Information Technology, or related field.

Advanced degree or certifications (e.g., CISSP, CISM, CISA) preferred.

Proven experience in information security, preferably in a manufacturing or industrial environment.

In-depth knowledge of information security principles, practices, technologies, and regulations.

Experience with risk assessment methodologies, security frameworks, and compliance requirements.

Strong analytical and problem-solving skills with the ability to assess complex security issues and recommend effective solutions.

Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and stakeholders.

Ability to work independently, prioritize tasks, and manage multiple projects simultaneously.

Experience with security tools and technologies such as SIEM, IDS/IPS, DLP, antivirus, encryption, and endpoint security solutions.