Holcim
As the world's global leader in building solutions, Holcim is reinventing how the world builds.
We operate four business segments: Cement, Aggregates, Ready-Mix Concrete and Solutions & Products, and hold leading positions in all regions of the globe, with around 60,000 employees in around 60 countries. Holcim experts solve the challenges that customers face around the world, whether they are building individual homes or major infrastructure projects. Demand for our materials and solutions is driven by global population growth, urbanization, improved living standards and sustainable construction.
We are listed at the Swiss stock exchange SIX and Euronext.
Job description
Role - Information Security Manager
Location : Airoli - Navi Mumbai (Hybrid)
Experience - 8-10 Years
Summary
Education / Qualification
- Bachelor's degree in Computer Science, Information Technology or Engineering degree in any discipline with experience/ skills in Information Security/ Cybersecurity/ IT Security/ OT Security, etc.
- CEH/ CFIH/ CISSP/ CISM/ CRISC certifications are added advantage
Roles and Responsibilities:
Experience
- At least 10+ years of experience in Information Security/ Cybersecurity, primarily in IT Security Projects/ Assessments/ Implementation, Security Design/ Architecture/ Implementation/ Operations/ Reviews, IT Risk Assessment, Vendor Security and Risk Assessments, Cybersecurity Engineering, Business Case Preparation, Data Protection and Privacy initiatives, etc
Required skills:
- IT & Security Risk Assessment Frameworks and Processes
- Good knowledge in ISO 27001, NIST Cybersecurity Frameworks
- Network & Security Fundamentals with Hands-on experience preferred
- Knowledge/ Experience in Application Security/ SSDLC/ DevSecOps and Cloud Security
- IT/ OT Security Projects, Solution POCs/ Evaluations, etc
- Strong People and Project Management expertise in IT Security/ Information Security
Responsibilities:
- Planning, Supporting and Driving various IT Security, OT Security, Cybersecurity/ Data Security and Privacy Projects/ Initiatives/ POCs, as needed
- Performing Security Reviews for IT/ Business Projects/ Requirements and Changes
- Assessing and managing risks, vulnerabilities, threats and compliance within the Region
- IT/OT Cybersecurity Assessment , Control Implementation and Support
- Ensure VAPT are embedded as part of our Application Development, Enhancement and Release Lifecycle Processes.
- Create, Review and Update Security Policies and Guidelines, as needed
- Cybersecurity Awareness Training and Campaigns
- Third Party/ Vendor Security & Risk Assessment
- Security Reviews and Approvals for Third Party/ External Accesses and Data Sharing
- Supporting the implementation of DevSecOps
- Participate in various internal forums/ working groups within Holcim on IT Security, Cloud Security, Application Security, SOC/ CSC and contribute to global security initiatives and projects
- Cyber/ Security Incident Response, Investigation, Root Cause Analysis, Corrective and Preventive Action Plans
- Data Protection and Privacy Initiatives
