Lead Information Security Governance

Job Description

About UPLUPL is a leader in global food systems and with the acquisition of Arysta LifeScience, is now one of the top 5 agricultural solutions companies worldwide. With revenue of US$5 billion, UPL has presence in 130 countries. With market access to 90 percent of world s food basket and focused on high-growth regions, UPL represents a compelling value proposition for growers, distributors, suppliers and innovation partners in a consolidating market. UPL offers an integrated portfolio of both patented and post-patent agricultural solutions for various arable and specialty crops, including biological, crop protection, seed treatment and post-harvest solutions covering the entire crop value chain.Lead Information Security Governance Manager / Sr. ManagerThe person in this position is responsible for a broad range of tasks, including rolling out of IS Policy, Processes, monitoring and review of the processes, KPIs measurement and reporting and continuous improvement. The person will be responsible for rollout of IT Risk Management, Security Reviews for IT Projects, IT General Controls, Data Privacy, Audits and Assessments, End user awareness and communications.Responsibilities:UPL is seeking an IS Governance Expert with relevant skills and experience, delivering hands-on implementation of ISO27001 / IS Policy Rollout and Sustenance/ Risk Management / IT General Control.

• Define enterprise security architecture framework
• Develop and maintain security strategy
• Develop and manage enterprise-wide policies, standards, and guidelines in accordance with regulatory requirements and industry leading practices
• Support projects in ensuring policies are incorporated correctly
• Liaise with the teams on special projects regarding IS controls implementation.
• Manage security budgeting and tracking
• Assess and manage security risks for the organization
• Privacy Policy and Data Leakage Prevention Policy and Process.
• Lead as security PM for various security initiatives
• Involved in the identification and shortlisting of technical security controls and frameworks
• Responsible for defining the minimum baselines security standards for all technology solutions in the organization which includes the rule-sets for various devices
• Involved in identification of security requirements during the system development lifecycle
• End User Communication and Security Awareness Campaigns and Programs
• Create various IS metrics and dashboards including GRC Dashboard / CIO dashboard
• Monitor and implement IT Service / Information Security metrics as determined by Service Owners, Managers and Senior Management.
• Publish annual calendar of various governance activities
• Experience applying the ITIL framework in a way that successfully meets the needs of the organization.
• Process development (policy, processes, procedures, checklists, templates) and communication to relevant stakeholders through formal and informal methods of training, workshops, mailers, discussions etc.,
• Facilitate service review / process review meetings and continuous improvements
• To Develop a Business Continuity Plan for the IT Services.
• Ability to create a collaborative environment and facilitate cross-functional teams for IS / IT initiatives.

Skill Requirement:

• Overall 6-12 years working in IT services/consulting industry with 5-9 years exp. in rollout and sustenance of IS Policy, Risk Management, Security Frameworks, ITIL/ITSM processes at Enterprise level with around 10000 users.
• Minimum Engineering graduate.
• CISA, CISM, CRISC - Any one of these
• ISO27001 Implementor Must
• ISO27001 LA / ISO22301 / ISO31000 - Preferred
• Hands on work experience in rolling out ISO27001, IS Policies, Risk Management & Security Frameworks,
• Expert in Mapping of IS Controls to the IT Processes.
• Capable of independent preparation of blue print and identification of gaps for rollout of IS Policy
• Highly skilled in converting IT general controls requirements into business requirements / technical requirements and driving it.
• Developed service reports using BI tools the KPIs agreed with business/clients
• End User Security Awareness Programs and Campaigns using various media.
• Practical experience of rollout of security tools and controls on Infrastructure tools (i.e. Active Directory, O365Mail, Alert and Systems Management)
• Worked on Projects as Project Manager in line with PMP principles.
• Excellent written and presentation communications skills
• Experience creating data-driven IT support metrics and trending analysis.
• Positive can do attitude and alignment to a concept of Team Strong customer service and written and verbal communication skills.

KPIs for the IS Governance Manager:

• Establishing governance processes, architecture and standards for IS / IT services
• Maintain IS Policy and Security / Risk Frameworks and ensure and report compliance to the same.
• Maintaining service communication with business stakeholders
• Information Security Awareness for end users
• IS Policy/ Controls reporting and dashboards
• Project Management processes should be followed uniformly and progress reported.

We are all about connecting with people, in a human way showing respect, demonstrating trust, celebrating diversity. For us technology is an enabler, not the endgame. We see the value in human connectivity and how it creates new opportunities for everyone. With this, comes our promise to protect people s safety in every way we can.,

Keyskills :
data privacyprocess reviewmarket accessit supportit risk managementit general controlssecurity toolsfood systemsdata leakageiso 27001it riskitil frameworkit projectsinformation security governance