Holcim
As the world’s global leader in building solutions, Holcim is reinventing how the world builds.
We operate four business segments: Cement, Aggregates, Ready-Mix Concrete and Solutions & Products, and hold leading positions in all regions of the globe, with around 60,000 employees in around 60 countries. Holcim experts solve the challenges that customers face around the world, whether they are building individual homes or major infrastructure projects. Demand for our materials and solutions is driven by global population growth, urbanization, improved living standards and sustainable construction.
We are listed at the Swiss stock exchange SIX and Euronext.
Job description
Role - Information Security Manager
Location : Airoli - Navi Mumbai (Hybrid)
Experience - 10-12 Years
Summary
Education / Qualification
Bachelor’s degree in Computer Science, Information Technology or Engineering degree in any discipline with experience/ skills in Information Security/ Cybersecurity/ IT Security/ OT Security, etc.
CEH/ CFIH/ CISSP/ CISM/ CRISC certifications are added advantage
Roles and Responsibilities:
Experience
At least 10+ years of experience in Information Security/ Cybersecurity, primarily in IT Security Projects/ Assessments/ Implementation, Security Design/ Architecture/ Implementation/ Operations/ Reviews, IT Risk Assessment, Vendor Security and Risk Assessments, Cybersecurity Engineering, Business Case Preparation, Data Protection and Privacy initiatives, etc
Required skills:
IT & Security Risk Assessment Frameworks and Processes
Good knowledge in ISO 27001, NIST Cybersecurity Frameworks
Network & Security Fundamentals with Hands-on experience preferred
Knowledge/ Experience in Application Security/ SSDLC/ DevSecOps and Cloud Security
IT/ OT Security Projects, Solution POCs/ Evaluations, etc
Strong People and Project Management expertise in IT Security/ Information Security
Responsibilities:
Planning, Supporting and Driving various IT Security, OT Security, Cybersecurity/ Data Security and Privacy Projects/ Initiatives/ POCs, as needed
Performing Security Reviews for IT/ Business Projects/ Requirements and Changes
Assessing and managing risks, vulnerabilities, threats and compliance within the Region
IT/OT Cybersecurity Assessment, Control Implementation and Support
Ensure VAPT are embedded as part of our Application Development, Enhancement and Release Lifecycle Processes.
Create, Review and Update Security Policies and Guidelines, as needed
Cybersecurity Awareness Training and Campaigns
Third Party/ Vendor Security & Risk Assessment
Security Reviews and Approvals for Third Party/ External Accesses and Data Sharing
Supporting the implementation of DevSecOps
Participate in various internal forums/ working groups within Holcim on IT Security, Cloud Security, Application Security, SOC/ CSC and contribute to global security initiatives and projects
Cyber/ Security Incident Response, Investigation, Root Cause Analysis, Corrective and Preventive Action Plans
Data Protection and Privacy Initiatives