We are, on a customer’s behalf, looking for a Security Program Director for a 12-month contract.
1. The candidate should have extensive experience in the field of information security, covering all aspects such as endpoint security, IAM, infrastructure security, application security, data security, cloud security, network security, vulnerability management and penetration testing, BCP and DR.
2. Some experience with industry frameworks such as ISO 27001, NIST SP 800, CIS benchmark and OWASP (these 4 are a must); Zero Trust, IATF 16949, Supply Chain Security and EU GDPR are desirable.
3. Experience of one life-cycle implementation and full adoption of ISO 27001 or NIST frameworks would be an advantage.
4. Experience of working with the CISO and Enterprise Security architects to define the security strategy for the organization and an action plan to drive the implementation.
5. Managing security teams from different towers such as Application Security, End user systems security, compute security, and BCP & DR, and driving security governance across all the teams.
6. Be able to take ownership of security governance and report to the CISO.
7. Good experience in defining, measuring/tracking and reporting security metrics/reports across the organization, including all towers.