Deputy General Manager
Adani Group
Ahmedabad, Gujarat
Job Description

Unique Job Role

AGM/DGM-Network Security
Date Last Updated

August 2019
Business/Function/Site
Group IT
Department
Group IT
Direct Reporting To (UJR)

Group CISO
Functional Area

(e.g. Sales & Marketing)
IT

Job Purpose
Develop, maintain and oversee implementation of policies related to Info security
Ensure lights-on of IT security operations
Identify and implement relevant technology trends related to information security
Co-ordinate with various Corporate, BU IT and IT outsourcing partner to ensure compliance to defined policies and standards

Accountabilities
No.
Key Accountabilities
1.
Planning, engineering, and monitoring the security arrangements for the protection of the network systems.

2.
Evaluate, design and develop security architecture for new business requirements by performing threat modelling, risk assessment and recommending controls & best practices

3.
Identifying, monitoring, and defining security requirements by evaluating business strategies and requirements; researching information security standards; studying architecture/platform; identifying integration issues.

4.
Review and approve the security design of new projects (network) or impact of changes to existing systems by internal teams or by the service partner(s)

5.
Testing and checking the ecosystem for weaknesses in enterprise network.

6.
Configuring, implementing and maintaining firewalls, intrusion detection systems, virtual private networks, web protocols, and security infrastructure devices.

7.
Determining latest technologies and processes that improve the overall security of the ecosystem.

8.
Using industry-standard analysis criteria to test the security level of the ecosystem.

9.
Developing tracking documents to note system vulnerabilities.

10.
Reporting the security analysis and monitoring findings.

11.
Supervising the configuration and installation of new software and hardware.

12.
Implementing regulatory systems in accordance with security requirements.

13.
Ensure key information security risks, incidents, audit findings and events are monitored and managed; communicate major security breaches / risks to Group CISO

14.
Investigate, review and support timely remediation of information / cyber security incidents with containment controls, forensic investigations, stakeholder communications, corrective and preventive measures

15.
Replacing the security system protocol and architecture, as needed.

16.
Plan security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), MPLS, cloud connectivity, routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.

17.
Design, implement and manage innovative solutions for complex security and ICS infrastructure environments.

18.
Consult on ICS security matters as needed.

19.
Develop secure network topologies to meet demanding industrial process control requirements.

20.
Support ISO27001 related activities and controls implementation with Policies review, support for Risk Assessment and Risk Treatment, Review and implementation of recommended controls

21.
Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.

22.
Define and enforce information security policies & standards for Adani

23.
Prepares system security reports by collecting, analyzing, and summarizing data and trends.

24.
Develop, publish and improve KPI security metrics to demonstrate overall security posture of the organization

25.
Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.

26.
Support IT Security Management for Senior Management liaison with presentations, scorecards, updates, etc.

Competencies
Competencies
Proficiency Level (1-4)
A. Role-specific Competencies

IT Security
4
Enterprise Architecture
4
IT Knowledge Management
3
IT Research & Innovation
3
IT Strategy
3
IT Project Management
3

Experience & Educational Requirements

RELEVANT EXPERIENCE:
(no. of years of technical, functional, and/or leadership experience or specific exposure required)

15+ years of work experience as a network security engineer in a large organization.
Experience in creating and maintaining security ecosystems.
Complete and in-depth knowledge of network management & network security tech
Thorough understanding of the latest technologies, security principles, and protocols, both IT and OT ((including TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, and PROFINET)
Expert knowledge of Design and implementation of: large VoIP sites, switches, enterprise routers, firewalls, data center equipment and controller based systems
Experience with ISP/Telco services and circuits including Point to Point circuits, MPLS, Metro-Ethernet Network design concepts
Experience with network monitoring and maintenance tools: prefer: Solar Winds, Op Net IP, IPX, voice andLAN/WAN/WLAN services
Cisco router configuration process
Experience in VoIP, SIP, H.323, QoS, CAC, call routing, Unified Voice Mail and Call Center; Dynamic Routing protocols such as OSPF, EIGRP, RIP, and BGP would be beneficial
Understanding of ICS fundamentals, including but not limited to, distributed control system (DCS) and supervisory control & data acquisition (SCADA) architecture and the role of common system components
Understanding of ICS design considerations with emphasis on the availability/security of operating environment;
Knowledge of IT and OT security best practices and understanding of the differences;
Understanding of protocols common in ICS environments;
Preparation, review, and maintenance of documents, policies, and standards governing the security operations for ICS equipment and networks.
Knowledge of current industry Network and Security Standards such as IEC-62443, NIST, NERC CIP, etc.
GICSP Certification preferred, but not required – Global Industrial Cybersecurity Professional
Understanding of the web-related terminologies and software such as web applications, web related protocols, service-oriented architectures, web services, etc.
Knowledge of computer forensic tools, DLP methods, and disaster recovery methods.

Qualifications

EDUCATIONAL QUALIFICATIONS:
(degree, training, or certification required)

At least one Associate Level Network Certification (CCNA, CCDA, CCNA-Security, etc.). Professional Level or higher (CCNP, CCDP, CCNP – Security, CCNA-Voice etc.) Expert level CCIE,CCIE R &S, JCINE is preferred.
A network engineer degree, telecom engineer degree, or BS/BE degree in computer science, cybersecurity or related IT fields.

Primary Location: IN-IN-Ahmedabad
Work Locations: Ahmedabad Ahmedabad Ahmedabad
Job: Adani
Organization: Corporate Services
Schedule: Regular
Shift: Standard
Job Type: Full-time
Day Job
Job Posting: Aug 13, 2019, 2:12:11 PM