CA Technologies Sr Director, Information Technology in Hyderabad B1Nanakramguda, India
CA Technologies creates software that fuels transformation for companies and enables them to seize the opportunities of the application economy. Software is at the heart of every business in every industry. From planning, to development, to management and security, CA is working with companies worldwide to change the way we live, transact, and communicate – across mobile, private and public cloud, distributed and mainframe environments.
- Job Overview*
The Sr. Director Information Security establishes and maintains the enterprise vision, strategy and program to ensure information assets and technologies are adequately protected. The Sr. Director is responsible for all IT security aspects of the organizations information technology and systems, including policies, standards, and oversight of security operations. The Sr. Director Information Security demonstrates expertise in business environments, familiarity with regulations (SOX, ISO 27001, PCI), experience with auditing, risk management, vulnerability assessments, and incident management.
Provide information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information. Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness.
Take various input, internal and external, to make course corrections and changes to the Information Security program, roadmap and strategy
Extremely knowledgeable and capable security thought leader able to influence rationale changes to all IT projects related to security improvements
Lead others in the resolution of highly sensitive and confidential issues on behalf of the department. Accountable to deliver responses and actions for audit findings reported by internal and external auditing departments and communicate to Executive Management
May lead forensic investigations and Computer Security Incident Response of significant scope and confidentiality and report back to senior leadership / legal
Provide expert level coaching to junior security staff and act as a role model / mentor; is positioning for a Senior IT Security leadership role
Owns relationships with Senior IT Engineering leadership to ensure critical integrations are occurring between security solutions and infrastructure solutions; most notably when CA integrations can occur, these should be worked through R&D and patents should be pursued
Define requirements for the appropriate level of monitoring, logging and alerting in all security solutions hosted internally or externally such that access controls are enforceable and compliant to business requirements and/or regulations
Drive the implementation of complimentary solutions that improve the effectiveness and reliability of existing or future IT Security solutions
Provide innovation in security knowledge, practices, or procedures by testing and adopting new solutions and methods as part of your department goals
Goal and customer service focused. During times of emergencies, outages and project planned work; be on call and available until the event is addressed. During system conversions, extra effort may be required in order to ensure the roll out of the system is successful.
Perform other job-related duties as assigned and may assume the responsibilities from other security roles occasionally.
Bachelor's degree required, master's degree preferred (major in computer science related discipline or information systems discipline preferred)
15 years of Information Technology experience including 5 years of Cybersecurity Management experience.
Five years’ people management experience including hiring, coaching, and developing internal staff members and managing external resources to achieve goals and deliverables.
Proven ability to lead and influence organizations leaders to support efforts and implementation of strategic initiatives that impact organization's performance, systems, processes and structure.
Must have a solid background in Enterprise-wide Information Security and Risk Management; including Regulatory Compliance, Legal and Privacy laws.
Strong experience handling Security Incidents and conducting Forensic Investigations.
Should have experience in working with a multinational company and with global teams, preferably managing teams across geographical locations.
Proven experience in developing and dissemination of Information Security Policies, Standards and Guidelines.
Experienced in leading application development and/or Application Security with solid knowledge of SDLC.
Excellent understanding of Security Management standards such as NIST CSF (Cybersecurity Framework).
Excellent Interpersonal and Organizational skills to present and provide expert consultation to C/E Level management.
Should be certified in CISSP/CISM/CRISC.
Skills & Competencies*
As an expert in the field, use professional concepts in developing resolution to critical issues and broad design matters
Advanced knowledge of security issues, techniques and implications across all platforms
Provide expert direction to leadership in regard to security technologies and processes; Fully versed on all including emerging technologies, methods, and design considerations
Interpret department strategies and services, resolve conflicts, influence outcomes on matters of significance for the division, conduct final negotiations and coordinate approvals/decision making below the executive level
Expert level understanding of Security Information & Event Management concepts
Expert level understanding of regulatory controls and industry standard like SOX, ISO27000, PCI & SAS70 Type2
Outstanding Oral and Written Communication as well as the ability to interact effectively with peers and Senior Mgmt.
Expert ability to coach and mentor junior staff
Expert level understanding of various operating systems and security configurations within (i.e.: AIX, Mainframe, Redhat, Solaris, Windows, Suse, Cisco IOS, Apple MacOS, Apple IOS, Google Android)
Expert knowledge of IT Security Risk management practices
Expert level familiarly with ITIL practices such as Incident, Request, Change, and Access & Problems Mgmt.
Expert level skills utilizing Microsoft Office applications
Exceptional interpersonal skills in areas such as teamwork, facilitation and negotiation.
Understanding of the political dynamics of the enterprise and ability to navigate them.
Excellent analytical and technical skills. Broad range of management, business, and leadership skills required.
Excellent planning and organizational skills. Proven ability to manage concurrent complex projects.
Ability to effectively manage time and costs through activity duration, sequencing, estimating, schedule development and control, resource planning and cost estimating and budgeting and control using program management practices.
Proven ability to manage programs across global centers.
Ability to effectively manage risk through risk identification, quantification and control using formal program management practices.
Ability to understand the long-term ('big picture') and short term perspective of situations.
Ability to estimate the financial impact of alternatives.
Ability to apply multiple technical solutions to business problems.
Ability to quickly comprehend the functions and capabilities of new technologies.
Expected to understand and apply system management, performance timing and troubleshooting techniques.
Remain unbiased toward any specific vendor or technology choice; is more interested in results than in personal preferences.
Interprets department strategies and services, resolves conflicts, influences outcomes on matters of significance for the division, conducts final negotiations and coordinates approvals/decision making below the executive level.
Displays intellectual integrity
Has completed all relevant certifications in Security field. CISSP, CISM & ITIL v3 are required; for selected candidates not possessing these certifications, they must be attained within the first year. CCFE, CHFI or other forensics certification desired.
If you want to fulfill your potential, be acknowledged for your achievements, and be given autonomy to make decisions for your business and customers; if you want to work with a company that respects you as an individual - recognizing both your needs at work and your responsibilities outside of it - then CA Technologies is where you belong. At CA Technologies your passion and expertise can directly impact the business and you’ll help offer our customers practical approaches to delivering new, innovative services and value through IT.
Learn more about CA Technologies and this opportunity now at http://ca.com/careers
/ Note to Recruiters and Placement Agencies: We do not accept unsolicited agency resumes. Please do not forward unsolicited agency resumes to our website or to any of our employee. We will not pay fees to any third party agency or firm and will not be responsible for any agency fees associated with unsolicited resumes. Unsolicited resumes received will be considered our property and will be processed accordingly./