Sign In
 [New User? Sign Up]
Mobile Version

CIO IT-Incident Lead

Mumbai, MH
Job Code:
  • Oil & Gas
Applying for this job will take you to an external site
  • Shortlist
  • Email Friend
  • Print

Job Details

To lead a global team of CyberDefence Response and Investigations analysts. To develop and maintain the necessary CyberDefence skills, to continuously improve Shell's Cyber Response and Investigation processes and to plan and develop the necessary technology. To coordinate major security incidents and lead the investigation and response.Accountabilities Incident Response Lead adequate Incident management including initial investigation and triage, containment and limiting of Business impact, further detailed forensic investigation and root cause analysis. Coordinate the investigation and response of major security incidents and to provide verbal and written communication to executive stakeholders in IT, Business and EC Ensure timely updates to direct leadership and senior leaders. Additional duties will include continuous testing processes including development and execution of enterprise tabletop and wargame exercises (Red Button), process optimization and routine case work support. Ensure security incident registration and provide overviews and reporting on security incidents for stakeholders in Information Risk Management, IT and various Audit Committees. Together with the Monitoring Lead and Threat and Analytics Lead create a feedback loop to enhance the monitoring technology.IT Forensics Ensure he IT forensic investigation support for IRM incidents with a virtual team of investigatorsGeneric Together with the Monitoring Lead ensure end to end management of cyber security related incident functions, which include security monitoring, identification, analysis, mitigation and post-incident activity. Lead the community of Cybersecurity specialists, develop and maintain the skills of analysts, provide training, and bring in new talent. Ensure integration into the near 24/7 CyberDefence centers in Rijswijk, Bangalore and Houston Together with Analytics Engineering develop and optimize the technology that is supporting, IT forensics, incident investigation and data harvesting. Build and manage the relationship with other incident management teams within our main IT suppliers Continuously improve the Information Risk incident management process. Steer projects in the CyberDefence space that are related to incident management.Dimensions This is an ITE-3 position reporting to the Security Incident Response manager. The team lead will directly manage a team of 12 incident analysts located in Houston, Rijswijk and Bangalore. The team lead will be responsible for addressing all Information Risk incidents with a potential Business loss exceeding $100 Million.Special Challenges The team lead is responsible to improve the reporting on security incidents to stakeholders. The team lead also needs to start leveraging the IRM Investigation Platform for investigations. The team lead needs to sustain effective incident investigation and response capabilities with current developments in IT such as the transition of IT to the Cloud and the increased use of Bring Your Own Device. The team lead is part of an on-call procedure to enable 24/7 response capabilities.Additional comments Due to the necessary handling of and access to highly sensitive and privileged information, the successful applicant of this position will need to agree to additional screening being conducted, before appointment. This would include the confirmation of CV, identity, right to work and qualifications, as well as checking additional items such as company directorships, credit/bankruptcy check and criminal record, as allowed under local legislation. RequirementsExperience and Qualifications required Is a knowledgeable, creative and responsible IT security professional. Has excellent analytical skills and appreciates a technical challenge. Has a good technical understanding of and experience with IT networks, infrastructure and applications. Has a passion for IT technology and is able to share that with other members of the team. Has good written and verbal communication skills and provides well-informed advice. Produces high quality deliverables in terms of both content and presentation. Examples of deliverables include reports, presentations and reasoned arguments. Carries out assignments and projects, alone or as part of a team, applying knowledge, skills, and experience. Demonstrates an understanding of the issues of interest to Shell and proposes viable solutions within the scope of own expertise, taking into account the needs of those affected. Maintains knowledge and experience of current practice within own area of expertise and is aware of current developments within own area of expertise. Develops and maintains knowledge of Cyber security and maintains an awareness of current developments. Promotes transfer of knowledge and awareness of information security to those in related areas. Is comfortable working virtually. Significant experience in technical IT, architecture, networking, and application hosting environments. Knowledge of, or experience in Incident Management, Forensics, or equivalent preferred. Strong knowledge of IT controls developments and practices, both inside and outside own organisation. Is respected for the pragmatic application of IT Controls principles to practical problems. Strong working knowledge of today's threat landscape. Proven experience in team leadership and development. Recognised and respected leader and able to influence without direct line management controls. Excellent communication, facilitation and negotiation skills. Good grasp of financial management and controls. Track record of leading, coaching and developing others. Sense of realism and pragmatism, openness and approachability. Comfortable working with, and leading through uncertainty, complexity, ambiguity and incomplete information. Deep understanding of global developments in Information Risk Management and Cyber Security. Courage to stand up for IRM requirements in the face of considerable senior stakeholder challenge. Strong personal network of international CISOs and leading academics to organise effective external collaborations on IRM. Extensive experience with and knowledge of the Shell IT organisations and environments Credibility with Shell IT Executive members that the right balance between usability, cost and security can be found. Excellent communication skills to engage at all levels in the Shell organisation. Experience with IT Audit processes. Certification in Information Security (SANS), Incident Response/Investigations, IT forensics, Attack and Penetration Testing, Ethical Hacking or IT Audit preferred.Key Competences requiredDemonstrated evidence of Enterprise first values and behaviours will be taken into account during the selection process. Business Analysis Skill Cyber Defence Mastery Hosting (On-Premise and Cloud) Skill Information and Data Management Skill Information Risk Management and Assurance Mastery
Degree: M.Com. (Commerce) | M.Pharm. (Pharmacy) | M.Sc. (Science) | MA (Arts) | MBA/ PGDM | MCA/ PGDCA

Additional Degree: BE/ B.Tech (Engineering)

Experience: 2-6


Application Programming | Software Engineer | System Analyst/Tech Architect | System Security
Applying for this job will take you to an external site


© Copyright 2015 Al Nisr Publishing LLC - powered by Gulf News