Job Title:  Associate Director | Cyber Security | Mumbai | Information Technology

Associate Director | Enabling Areas - Information Technology | Cyber Security

Location:  Mumbai

The team

          The Enabling Area – Information Technology team is responsible for building & maintaining different applications for Deloitte South Asia that focuses on providing employee experience.

Your work profile

• Oversee and manage regular security assessments, vulnerability scans, and penetration tests to identify and mitigate security risks.
• Supervise and coordinate the monitoring and analysis of security alerts and incidents, and ensure prompt response to security breaches.
• Lead collaboration with IT and other departments to ensure security measures are integrated into all aspects of the organization's operations.
• Manage and oversee the maintenance of security tools and technologies, including firewalls, intrusion detection/prevention systems, and endpoint protection solutions.
• Develop and conduct security awareness training for employees to promote a culture of security within the organization.
• Develop and lead the implementation of comprehensive information security policies, procedures, and guidelines.
• Perform and oversee risk assessments and develop risk mitigation strategies.
• Prepare and present security reports to senior management and stakeholders.
• Stay up-to-date with the latest security trends, threats, and technologies, and advise on necessary updates and changes.
• Review and respond to client security questionnaire.
• Review and interpret information security clauses in Master service agreement, Engagement letters.
• Collaborate with legal teams, IT teams ,different business teams to align client requirements with internal information security policies.
• Contribute to internal security awareness and trainings.
• Stay up-to-date with the latest security trends, threats, and technologies.

Key skills required: 

• 12-15 years of experience in Information Security , Cyber Security
• Experience with cloud security (AWS, Azure, Google Cloud).
•  Knowledge of network security, application security, and data protection.
• Familiarity with regulatory requirements and compliance frameworks.
• Experience in incident response and forensic analysis.
• Experience in strategic planning and project management.
• Ability to work independently and manage multiple information security related activities with timelines.
• Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams.
• Ability to handle sensitive information with discretion and maintain confidentiality.
• Experience required, Any Specific Industry / Company exposure:
• Strong knowledge of security frameworks, standards, and best practices.
• Experience with security tools and technologies, including SIEM, IDS/IPS, firewalls, and endpoint protection.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams.
• Proven leadership and team management skills.
• Experience in MSA review, client security questionnaires.
• Experience in working in MNCs preferred
• Bachelor’s degree in Information Technology, Computer Science, or a related field.
• Professional certifications such as CISSP, CISM, CEH, or equivalent are desirable.