Lead Information Security - IT - India

Job no: IND2025-CTOB19
Work type: Permanent - Full Time
Location: India
Categories: Mid-Senior Level

Apply now

Lead Information Security

 

Role Profile:

 

This role involves leading and developing information security aspects for new and existing technologies and project requirements. The successful candidate will work closely with business stakeholders and IT teams to define, architect document, and implement security controls that ensure the availability, integrity, and confidentiality of our information assets.

 

The below Key Performance Areas include but are not limited to:
  • Key responsibilities include providing subject matter expertise in the design, operation, and maintenance of security requirements across the organization. The role will enable internal stakeholders to create a best-in-class ecosystem to support Alshaya  information security needs. This role is also responsible for promoting agreed-upon architectural principles, standards, and design patterns, and advising on security requirements for multi-cloud and/ on-premises solutions. 
  •  
  • The ideal candidate will collaborate with and influence cross-functional teams to help address security risks unique to each business divisions's risk profile. 
  •  
  • Roles and responsibilities include: 
  •  
  • Design and implement tailored security solutions that meet Alshaya's requirements, including creating detailed security blueprints for both on-premises and cloud-based applications. 
  • Analyze current and target state architectures to develop a security strategy, identify design gaps, and propose solutions to prevent recurring threats. 
  • Develop techniques and patterns for secure integration with external vendors and cloud providers. 
  • Lead the planning, design, documentation, and engineering of Alshaya-wide security and compliance solutions. 
  • Absorb and understand business requirements, and ensure security requirements and controls and enforced 
  • operate Architect, design, implement, maintain, and security controls and countermeasures for information systems. 
  • Evaluate and architect technologies designed to protect information. 

 

 

  • Create and maintain processes and procedures within the security architecture domain. 
  • Identify and mitigate security risks through threat modelling and security gap assessments. 
  • Collaborate with peers to ensure compliance with relevant regulatory and contractual security requirements. 
  • Communicate & enforce security policies and procedures and requirements clearly to both technical and non-technical stakeholders. 
  • Conduct complex risk analyses for information systems' security and recommend innovative solutions. 
  • Work with users, developers, third party providers, and other technical stakeholders to integrate security considerations into development and operational decisions. 
  • Ability to identify threats/risks 
  • Ability to apply knowledge of security domains including but not limited to common threats and vulnerabilities, Network, Identity, and Backup to different business scenarios 
  • Extensive ability to estimate, plan, lead and execute complex technical projects while working independently and/or in a team. Undertaking and completing project tasks on schedule with minimal to no supervision. 

 

Knowledge: 

 

  • Hands on knowledge to complete assessments using industry-standard and organizationally accepted analysis principles and methods. 
  • Advanced knowledge of common attacks, attack methods, and defense architectures. 
  • Familiarity with cybersecurity frameworks and standards (e.g., ISO 27000, NIST, PCI) and industry-relevant regulations guiding architectural requirements. 
  • Experience in developing and designing security best practices for all layers of the hosting and application stack in both cloud and on-premises environments. 
  • Ability to establish strategies for and implement cloud enterprise solutions in AWS, GCP, or Azure. 
  • Knowledge of Identity and Access Management (IAM), cryptography/key management, secrets management, access controls, and security protocols (e.g., multi-factor, SAML, OAuth, OIDC). 
  • Understanding of application security implementations and best practices. 
  • Proficiency in threat modeling (e.g., STRIDE, PASTA, OCTAVE). 
  • Knowledge of cryptographic technologies, including transit encryption, storage encryption, hashing, KMS, digital signatures, etc. 
  • Subject matter expertise in cloud architectures, secure integrations, data protection, IT risk, network security, application security, and Identity and Access Management. 
  • Deep knowledge of securing complex hybrid architectures. 

 

Experience: 

 

  • 5-6 years of relevant security architecture experience 
  • Bachelors , Computer Sciences, Computer Engineering, Information Security, or other related engineering degree, or equivalent experience. 

 

 

Advertised: India Standard Time
Application close: India Standard Time

Apply now

Back to list Refer a friend