Director, Information Security

Chennai, Tamil Nadu, India

Applications have closed

Allucent

Allucent is a clinical research organization striving to bring new therapies to light by solving the distinct challenges of small and mid-sized biopharma companies.

The Director of Information Security develops and implements a pragmatic Information Security strategy. The ideal candidate is passionate about security and privacy and has an extensive IT operations background.

  • Work closely with and provide technical expertise to quality, compliance, business units, and supporting departments in implementing, certifying, and maintaining compliance standards with an appropriate security framework (e.g., NIST).
  • Author and maintain policies, standards, and procedures that demonstrate strong organizational governance.
  • Maintain documentation of security controls and respond to requests from customers (internal and external).
  • Collaborate with IT Operations, Privacy and other lines of business to identify threats and design technical controls.
  • Responsible for security operations, including threat prevention, detection, and incident response strategy. This includes a formalized incident response process, declaring security incidents, coordinating and assisting in the investigation of potential incidents, assisting in the recovery from attacks, coordinating with legal, compliance, and other stakeholders and with law enforcement agencies (where applicable), and developing the post-response control strategy.
  • Lead security risk management activities, including assessing, tracking, and mitigating risks.
  • Develop, adapt, and communicate the information security strategy.

Requirements


  • 10+ years of experience in relevant security domains (e.g., security risk management, access control, audits, etc.), with 3+ years of management experience.
  • Should have solid risk management skills, experience with SOC2, ISO 2700x frameworks, third-party auditing, and (cloud) risk assessment methodologies.
  • Knowledge and understanding of relevant legal and regulatory requirements, such as GDPR, SOC2, FedRAMP, ISO/IEC 27001/27701, and NIST security principles.
  • Presentation and communication skills to support security and privacy company-wide.
  • Deep IT operations and infrastructure experience, particularly with Microsoft and Amazon AWS. Prior management experience in this space is a plus.
  • Knowledge of and experience in managing day-to-day security operations with the ability to prioritize multiple projects.
  • Must be comfortable operating in a collaborative, shared leadership environment.
  • Must possess a personal presence characterized by a sense of honesty, integrity, and caring with the ability to inspire and motivate others to promote the organization's philosophy, mission, vision, goals, and operating imperatives.

Tags: Audits AWS Cloud Compliance FedRAMP GDPR Governance Incident response NIST Privacy Risk assessment Risk management Security strategy SOC 2 Strategy

Region: Asia/Pacific
Country: India