Info Tech_Cyber Security Operations Manager

The Cybersecurity Operations Manager will act as the primary point of contact and liaison for coordinating all cybersecurity-related operations within the Organisation. This role bridges the gap between business partners, country-level stakeholders, information technology team and the broader security teams within the organization. The individual will ensure the effective implementation, monitoring, and enhancement of security measures, aligning industry best practices with the organizations overarching cybersecurity strategy. Is responsible for managing and optimizing the technology portfolio of enterprise data protection infrastructure, ensuring the reliability and efficiency of associated systems/services, and managing operations team. This role involves planning, partner management, project management, and collaboration with various departments to support business objectives. Is accountable for the cybersecurity objectives and deliverables within the business unit. Adapts business unit, department, site or sub-function plans and priorities to address resource and operational challenges. Decisions are guided by policies, procedures and business unit, department or sub-function plan; receives guidance from manager. Provides technical guidance to employees, colleagues, and/or customers

The Cybersecurity Operations Manager will work closely with the SOC (Security Operations Centre) & Managed Security Services team to detect, analyse, respond and mitigate cybersecurity incidents.

Stakeholder Coordination

Serve as the primary liaison between business units, IT & functional leadership, and group cyber security teams.

Facilitate communication and alignment of cybersecurity initiatives across various stakeholders.

Stakeholder engagement & relationship building.

Collaborate with IT & business project team to incorporate security by design principle in all the digital projects.

Operational Oversight

• Manage and maintain the technology portfolio of enterprise information protection services.
• Ensure regular maintenance and timely upgrades of security systems & services to prevent downtime and enhance performance.
• Collaborate, lead and mentor the IT operations team, providing guidance and support to ensure high performance in delivering security services.
• Plan and execute Cybersecurity projects, ensuring they are completed on time and within budget.
• Work with business, internal IT and 3rd party vendor teams to promote and adopt security best practices.
• Implement and monitor security measures to protect data and ensure compliance
• Monitor security system performance and troubleshoot issues to maintain optimal operation.
• Responsible for managing all service and change requests relating to security
• Manage relationships with Security/ IT vendors and service providers to ensure quality and cost-effective services.
• Work with Security partners to conduct and review regular security assessments (Pen tests, Vulnerability scans etc) of vendors and solutions (SaaS, IaaS providers, Managed Security Service Provider)

Incident Detection & Response

• Accountable for Security Incident Management. Maintain and improve security incident response procedures and playbooks.
• Oversee the daily monitoring and review of security event activities and cyber threat landscape to ensure ongoing and continued maturity of the organizations security controls in close coordination with SOC & MSS team
• Manage resolution of cyber security incidents and coordinate with engineering support for security systems.
• Identify and diagnose potential threats, including root cause analysis and after-action reviews to ensure security controls defend the enterprise against potential cyber threats
• Collect and analyses cybersecurity threats to develop a deep understanding and awareness of cyber threats and actors tactics, techniques and procedures (TTP) to derive and report indicators that help organisations detect and predict cyber incidents and protect systems and network from cyber threats.
• Proactively searches for undetected threats in networks and systems, identifies their indicators of compromise (IOCs), and recommend mitigation plan

Reporting and Documentation

• Develop & streamline process and procedures for efficient security operations.
• Provide regular reports & metrics on service operations
• Perform routine audits on security of the infrastructure and present findings.

Governance & Compliance

• Conduct periodic service review meetings with relevant stakeholders – both internal & external.
• Ensure adherence to security controls and policies
• Facilitate & drive Information Security Management System (ISMS) process across the organisation.
• Develop and manage the IT operations budget, ensuring efficient allocation of resources.

Knowledge and experience

• At least 10+ years of experience in Cybersecurity with hands-on capability is network & other security technologies.
• Knowledge & skills in managing security policies & standards in Microsoft Azure, Active Directory, Office 365, SharePoint platforms
• Comprehensive understanding of Information Security Frameworks (e.g., ISO 27001, NISTCSF and Cyber Essentials) and Privacy regulations, including DPDPA & GDPR
• Experience working with 3rd party partners including upstream service providers.
• Working knowledge of SIEM, Identity and Access Management and Data Loss Prevention tools
• Experience in managing vulnerability and patch management process
• Working knowledge of different security architectures (SOA, Microservices etc) and potential security issues related to them PaaS, IaaS, SaaS and Hybrid cloud solutions.
• Knowledge of security technologies such as IDS/IPS and Firewalls
• Strong experience in delivering IT and OT risk assessment, developing control frameworks and implementation of security controls & process specific to OT/ IoT

Key competencies/behaviours

• Strong written and oral communication skills
• Demonstrates a high level of flexibility.
• Proactive; Influencer; Collaborative
• Ability to prioritise effectively and see the big picture.
• Ability to adapt to new technologies and learn quickly.
• Problem identification, analysis and evaluation
• Detail oriented, organised, and able to handle multiple priorities and timelines simultaneously.

Qualifications

• Bachelor’s degree in computer science or equivalent
• CISSP, CSSP, CISM, Cybersecurity or similar certifications desirable but not essential
• Leading Security Framework understanding (NIST, ISO etc…)

Equal Opportunity Employer

Biocon Biologics is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, colour, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Biocon Biologics also complies with all applicable national, state and local laws governing non-discrimination in employment as well as work authorisation and employment eligibility verification requirements of the Immigration and Nationality Act.