Information Security Manager

Holcim

As the world’s global leader in building solutions, Holcim is reinventing how the world builds.

We operate four business segments: Cement, Aggregates, Ready-Mix Concrete and Solutions & Products, and hold leading positions in all regions of the globe, with around 60,000 employees in around 60 countries. Holcim experts solve the challenges that customers face around the world, whether they are building individual homes or major infrastructure projects. Demand for our materials and solutions is driven by global population growth, urbanization, improved living standards and sustainable construction.

We are listed at the Swiss stock exchange SIX and Euronext.

Job description

Role - Information Security Manager

Location : Airoli - Navi Mumbai (Hybrid)

Experience - 10-12 Years

Summary

Education / Qualification

Bachelor’s degree in Computer Science, Information Technology or Engineering degree in any discipline with experience/ skills in Information Security/ Cybersecurity/ IT Security/ OT Security, etc.

CEH/ CFIH/ CISSP/ CISM/ CRISC certifications are added advantage

Roles and Responsibilities:

Experience

At least 10+ years of experience in Information Security/ Cybersecurity, primarily in IT Security Projects/ Assessments/ Implementation, Security Design/ Architecture/ Implementation/ Operations/ Reviews, IT Risk Assessment, Vendor Security and Risk Assessments, Cybersecurity Engineering, Business Case Preparation, Data Protection and Privacy initiatives, etc

Required skills:

IT & Security Risk Assessment Frameworks and Processes

Good knowledge in ISO 27001, NIST Cybersecurity Frameworks

Network & Security Fundamentals with Hands-on experience preferred

Knowledge/ Experience in Application Security/ SSDLC/ DevSecOps and Cloud Security

IT/ OT Security Projects, Solution POCs/ Evaluations, etc

Strong People and Project Management expertise in IT Security/ Information Security

Responsibilities:

Planning, Supporting and Driving various IT Security, OT Security, Cybersecurity/ Data Security and Privacy Projects/ Initiatives/ POCs, as needed

Performing Security Reviews for IT/ Business Projects/ Requirements and Changes

Assessing and managing risks, vulnerabilities, threats and compliance within the Region

IT/OT Cybersecurity Assessment, Control Implementation and Support

Ensure VAPT are embedded as part of our Application Development, Enhancement and Release Lifecycle Processes.

Create, Review and Update Security Policies and Guidelines, as needed

Cybersecurity Awareness Training and Campaigns

Third Party/ Vendor Security & Risk Assessment

Security Reviews and Approvals for Third Party/ External Accesses and Data Sharing

Supporting the implementation of DevSecOps

Participate in various internal forums/ working groups within Holcim on IT Security, Cloud Security, Application Security, SOC/ CSC and contribute to global security initiatives and projects

Cyber/ Security Incident Response, Investigation, Root Cause Analysis, Corrective and Preventive Action Plans

Data Protection and Privacy Initiatives