Job Description

1. JOB DETAILS
Job Title
IT Security Lead
Department
IT
Business Unit
Corporate
Direct Line Manager Job Title
IT Governance and Security Manager
Location/ Address
Corporate Office, Delhi, India
Position Code/ Identity
Date
16 Sep 2022
Version Control
Version 1.0
2. JOB PURPOSE
The high-level overview of what the job is required to do
Continuously architect and deliver IT Security solution and services to safeguard Averda Information and systems
People Management
Comply with Health, Safety and Environment policies
Risk Management
3. QUANTITATIVE DIMENSIONS
The scope of responsibility of the job based on financial targets
Number of employees directly managed
1
Number of employees indirectly managed
Budget Responsibility value for current FY
INR 00 per year
Sales Responsibility value for current FY
INR 00 per year
Other
4. STAKEHOLDERS
The interactive network related to this job
internal stakeholders
All Averda employees
external stakeholders
IT consultants, partners, distributors, and resellers
5. KEY ACCOUNTABILITIES
Responsibility
Indicator/ Input
Targets/ Output
Continuously architect and deliver IT Security solution and services to safeguard Averda Information and systems
Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
Develop and enhance an information security management framework
Carry out vulnerability assessments of systems and processes, identifying potential vulnerabilities, to make recommendations to control any risks identified and to ensure they are implemented.
GAP analysis report
Automated security dashboard
Ensure appropriate safeguards are in place to protect the companys information assets
Design and implement administrative, physical and technical safeguards to protect information assets
Identify, introduce and implement procedures, including checks and balances, to test these safeguards regularly
Information security Safeguards implemented and regularly checked
Conduct and complete annual information security reviews and audits as required
Ensure that a yearly audit of all Information security assets and processes is conducted, covering data, systems, roles and responsibilities and partners / suppliers
Conduct internal Information security audit assignments / investigations whenever required
Published Audit reports covering all information security assets processes, for all audits conducted yearly, and on ad-hoc basis
Standardize User Profiles
Oversee the design and adoption of User Profiles
(by Country, Project, Function, Role and Grade Level)
Standardized User Profiles published and adopted
Ensure effective training programs are in place to increase security awareness across Averda
Develop an information security awareness training program
Provide classroom / online training to Averda staff
Training delivered to Averdas administrative staff on information security basics
Establish compliance with global standards
Ensure the compliance of IT security processes with IT best practices standards such as ISO 27001 and NIST
Provide the needed training to IT employees on the adopted IT standards
Training delivered to IT personnel on IT best practices standards
Reports on IT standards adopted, including gap analysis
People Management
(applicable for only Managers and above)
Build the team, optimising talents and growing individuals
Manage the performance of the team
Develop and maintain teamwork among all teams promoting the sharing of ideas and best practice
Report non-compliance cases and initiate actions as per Managing Capability and Discipline Concerns Policy
80% Engagement Level of the team
100% completion of Performance Management
Under performance addressed
Comply with Health, Safety and Environment policies
(mandatory for all)
Exercise due diligence towards health and safety of self and others in the organisation
Comply with the applicable HSE procedures, instructions, requirements, standards received from regulatory and statutory bodies
Proactively report superior occurrences, events, violations and acts that may impact employee health, safety or environment
100% compliance
Risk management
(mandatory; Line manager discretion)
Analyse current risks and identify potential risks in the area of responsibility
Report the risk tailored to the relevant audience
Build risk awareness amongst team by providing support and training
Well defined risk in the result area
On-Time and In-Full (OTIF) reporting
6. COMPETENCIES
6.1 QUALIFICATIONS and KNOWLEDGE
Qualifications
Bachelors Degree in Computer Science, Information Systems, or any other IT related field
Knowledge
Subject matter expertise in the areas of Information Security, IT governance, IT Auditing
IT best practices certification (CISA, CISM, CISSP or ISO) is recommended
Language Proficiency
English (fluent)
6.2 Technical Competencies
Systems Administration, technical support and troubleshooting, RCA
MS Outlook, Word, Excel and PowerPoint
High level of project management skills
High level of planning and analytical skills
Excellent verbal and written communication skills
High level of awareness in the local market and key players and stakeholders
High level of awareness of the local competitive landscape
6.3 Core Competencies
Deliver: Consistently strives to deliver business results and exceeds customer expectations
Care: Develops rapport and works effectively with a diverse range of people
Inspire: Spots opportunities and creates innovative solutions in order to deliver business results
Instils Discipline: Focuses performance that turns the strategy into the right actions at the right time in the right way to meet the growth objectives
Is Resourceful: Makes connections that arent obvious to others while building solutions and strategy
Delivers Achievement: Owns the responsibility to build the capability and resilience of others, teams and Averda to achieve
Communicates Transparently: Confidently communicates in a clear, concise and open way
Builds Teamwork: Encourages participation and commitment to Averda identity and measures own success through collective success
Focuses Future: Directs the future of Averda and ensures commitment to deliver the strategy
7. experIence
Minimum 7 years experience in Information security, IT Auditing, and risk management
Ability to write for different audiences, including drafting policies, processes, and procedures
Experience working with a global or multinational company in a relevant sector or industry Experience in Customer Service and Service Delivery using agreed Service Level Agreements