Company Details

A global biopharmaceutical company changing patients’ lives in over 120 countries by finding new and affordable ways to treat diabetes, cancer and autoimmune diseases.

Assignment Details

Our client an Indian Biopharmaceutical Company is looking to engage with a Head Information Security Management.

The primary focus is on developing and coordinating the companies Information Security function and Disaster recovery activities, broad organizational guidelines and budgets with the objective of enabling business processes to achieve growth and profitability. The Head of Information Security will be taking on the continual development of security process and controls within the business. It will be a key position in which helps to drive the business forward in a secure and compliant manner.

Key Responsibilities:
1. Supporting the business in delivering quality and compliance in order to drive down information security risk.
2. Defending the business by building and implementing security process and procedure in order to protect and respond to risk.
3. Promoting responsible behaviour by improving the culture internally to ensure all staff are protecting against possible security incidents.
4. Continuous improvement by ensuring security updates and implemented as and when necessary.
5. Build the security team and help towards ISO27001 implementation.

• Cybersecurity Governance: Cybersecurity controls and governance to provide frameworks, guidelines and techniques to improve Cybersecurity Governance & Oversight to optimize resources, costs and time to address changing requirements of clients and regulatory bodies.

• Business Continuity & Resilience: Business continuity and change resilience through strategies, frameworks, guidelines and techniques to achieve Business Resilience with an eagle eye view on Critical Computing environments and related internal functions due to changes in organization, applicable legislation or client requirements.

• Risk Optimization: Risk management & optimization programs to provide frameworks, guidelines and techniques to enhance organizations to build capability to optimize risk management to enable relevant teams to take risks or contain them in order to align to the tone at the top.

• Privacy Assurance: Privacy controls & their governance to provide to create or improve a wholesome privacy program based upon the relevant exposure to applicable laws (GDPR/CCPA/PDPA) across the world for both controllers and processors.

• Integrated Management Systems: Management systems that lead to multiple ISO certifications, to integrate, consolidate and optimize on the costs and the efforts associated with business operations that can use an integrated process mechanism. This can leverage standards like ISO9001, ISO20000, ISO22301, ISO27001, ISO27017, ISO27018, ISO29100 etc.

• Business Assurance Program :Existing and new practices to help meet market expectations by evangelizing technology solutions not only in these areas, at the confluence of risk, cybersecurity, privacy and continuity to establish assurance capabilities for both digital and brisk & mortar businesses.

Location: Bangalore (Onsite)-Electronic City
Duration: 12 months
Capacity: Full time

Skills Required

- Understanding of ISO27001 and able to implement policy according to legislation
- Proven leadership skills.
- Problem analysis and resolution ability.
- Able to communicate well at senior and board level to help others understand business risk.
- Security Auditing experience.
- Business process understanding, able to understand general business operation activities to avoid business down time.
- Security related certificate ideal (CISSP/CISM/CRISC)
- Responsible to liaison with customer and other key stakeholders to assess the business needs of the customer and identify key challenges, constraints, and risks and thereby define the project scope after extensive due diligence.
- Responsible for supporting and Run-time value-addition for all global customers from a Security Delivery perspective.
- Relevant 15 years of experience.