Job Description

Overview:
Role Purpose The purpose of this role is to design the organisation\xe2\x80\x99scomputer and network security infrastructure and protect its systems andsensitive information from cyber threats.
Do

• 
  Design and develop enterprise cyber security strategyand architecture
  • Understand security requirements by evaluating businessstrategies and conducting system security vulnerability and riskanalyses
  • Identify risks associated with business processes, operations,

information security programs and technology projects

• Identify and communicate current and emerging security threatsand design security architecture elements to mitigate threats as theyemerge
• Identify security design gaps in existing and proposedarchitectures and recommend changes or enhancements
• Provide product best fit analysis to ensure end to end securitycovering different faucets of architecture e.g. Layered security,Zoning, Integration aspects, API, Endpoint security, Data security,Compliance and regulations
• Demonstrate experience in doing security assessment against NISTFrameworks, SANS, CIS, etc.
• Provide support during technical deployment, configuration,integration and administration of security technologies
• Demonstrate experience around ITIL or Key process-orienteddomains like incident management, configuration management, changemanagement, problem management etc.
• Provide assistance for disaster recovery in the event of anysecurity breaches, attacks, intrusions and unusual, unauthorized orillegal activity
• Provide solution of RFP\xe2\x80\x99s received from clients and ensureoverall design assurance
  • Develop a direction to manage the portfolio of to-be-solutionsincluding systems, shared infrastructure services, applications,hardware related to cyber risk security in order to better matchbusiness outcome objectives
  • Analyse technology environment, enterprise specifics, clientrequirements to set a collaboration design framework/ architecture

• Depending on the client\xe2\x80\x99s need with particular standards andtechnology stacks create complete RFPs

• Provide technical leadership to the design, development andimplementation of custom solutions through thoughtful use of moderntechnology
• Define and understand current state solutions and identifyimprovements, options & tradeoffs to define target state solutions
• Clearly articulate and sell architectural targets, recommendationsand reusable patterns and accordingly propose investment roadmaps

• Evaluate and recommend solutions to integrate with overalltechnology ecosystem
• Tracks industry and application trends and relates these to planningcurrent and future IT needs

• 
  Stakeholder coordination & audit assistance
  • Liaise with stakeholders in relation to cyber security issuesand provide timely support and future recommendations
  • Provide assistance in maintaining an information security riskregister and help with internal and external audits relating toinformation security
  • Support audit of security best practices and implementation ofsecurity principles across the organization, to meet business goalsalong with customer and regulatory requirements
  • Assist with the creation, maintenance and delivery of cybersecurity awareness training to team members and customers
  • Provide training to employees on issues such as spam andunwanted or malicious emails

Stakeholder Interaction


Stakeholder Type
Stakeholder Identification
Purpose of Interaction

Internal
Program Manager/Director
Regular reporting & updates

Infrastructure (CIS team)
For infrastructure support

External

Customer
To coordinate for all security breaches & resolutions
Display
Lists the competencies required to perform this role effectively:

• Functional Competencies/ Skill
  • Leveraging Technology - Knowledge of current and upcoming securitytechnologies (e.g. Firewalls, IPS, DDoS, SIEM, WAF, Endpoint etc.) andunderstanding of compliance regulatory requirement like PCI DSS, HIPAA,etc.- Expert
  • Systems Thinking \xe2\x80\x93 Understanding of the Wipro system(interrelatedness, interdependencies and boundaries) and perform problemsolving in a complex environment - Expert
  • Leveraging Technology \xe2\x80\x93 In-depth knowledge of and mastery overecosystem technology that commands expert authority respect \xe2\x80\x93Master
  • Technical Knowledge - Certified Information Systems SecurityProfessional (CISSP), Cloud Architect Certification from AWS and Azure,ToGAF or SABSA certification-Master

Competency Levels

Foundation
Knowledgeable about the competency requirements. Demonstrates (inparts) frequently with minimal support and guidance.

Competent
Consistently demonstrates the full range of the competencywithout guidance. Extends the competency to difficult and unknownsituations as well.

Expert
Applies the competency in all situations and is serves as a guideto others as well.

Master
Coaches others and builds organizational capability in thecompetency area. Serves as a key resource for that competency and isrecognized within the entire organization.

• 
  Behavioral Competencies
  • Effective Communication
  • Managing Complexity
  • Client centricity
  • Technology Acumen
  • Innovation
  • Problem Solving approach
  • Collaborative Working
  • Execution Excellence

Deliver


No.
Performance Parameter
Measure

1.
Customer centricity
Timely security breach solutioning to end users, Internalstakeholders & external customers experience, CSAT, educating andsuggesting right control to the customers.

2.
Support sales team to create wins
% of proposals with Quality Index >7, timely support ofthe proposals, identifying opportunities/ leads to sell services within/outside account (lead generation), no. of proposals led