Apply now »

Job Title:  Principal Information Security Specialist

Job Code:  8724
Country:  IN
City:  Mumbai
Skill Category:  IT\Technology
Description: 

Key objectives critical to success:

An individual with extensive experience in data security at an enterprise level. The role will require in-depth understanding of cyber security data principles, technologies and best practices. This is a technical leadership position that requires previous experience with the different cyber security solutions/products and technology. The successful candidate will be responsible for driving data security architecture practices and patterns across Nomura to ensure that projects, software and services meet defined security standards.

The team’s focus is to utilise industry frameworks to embed a security reference architecture for

the design, implementation and enhancement of our security controls and roadmaps for our security technologies. Successful candidate will be expected to demonstrate relevant experience working in a dynamic environment dealing with complex data security challenges, and communicating to all levels of the business, domestic and international entities, provide subject matter expertise and serve as trusted advisor to the broader technology functions and business lines.

 

Responsibilities:

    • Develop and maintain a deep understanding of the organization's Data Security & Protection ecosystem i.e. Data ( At rest, In use & In transit)
    • Design and implement a comprehensive security architecture framework and optimized integrated architectures for data protection critical domains.
    • Continuously develop and mature the program and roadmaps in line with Global compliance & regulatory requirement in-line with industry best practice and the evolving threat landscape.
    • Develop and maintain security policies and standards for data protection, secrets management and cryptography.
    • Provide guidance and technical leadership to project teams to ensure data security & privacy requirements are properly integrated into software development and infrastructure projects.
    • Partner and collaborate with cross-functional teams including the Global Data Management Group to identify and address data security risks across the organization.
    • Extensive experience in Cyber Risk domain focused to Data protection lifecycle management security, management & reliability controls.
    • Good working knowledge of current cyber risk threat vector & on-ground operational challenges.
    • Understand & able to define Enterprise Cryptography & PKI solutions and patterns to protect sensitive data and secrets.
    • Holds hands-on experience around planning, research & designing tailored Data protection & privacy platforms like; Data Classification, DLP, IRM, DAG and DAM to deliver quantitative KPI’s for BAU operations.
    • Stay up-to-date with industry best practices and emerging trends in data protection, secrets management and cryptography, and incorporate them into the security architecture framework.
    • Experience coaching, mentoring and leading less experienced colleagues.
    • Able to collaborate with other business stakeholders with innovative thought process for seamless integration and implementing required engineering safeguards.
    • Able to align security data architecture with Enterprise level Data protection Strategy & key objectives. 

 

 

 

 

Skills, experience, qualifications and knowledge required:

 Established Data Security Architect with at least 14+ years within the broader IT Security disciplines

and technologies.

  • At least 12+ years of experience in data security architecture, with a Secure Data Protection & Security approach.
  • Experience with cloud security, especially related to data protection and secrets management.
  • Experience with developing requirements and models for the future-state, current state and gaps in data
  • Data security architecture experience in applying enterprise architecture principles and methods in supporting IT programs and Projects
  • Demonstrable understanding of security solutions and designs from a people, process and technology
  • Strong knowledge of encryption standards and technologies, such as AES, RSA, and PKI.
  • Familiarity with secrets management tools and technologies
  • Experience with Data Protection & Privacy compliance standards and regulations
  • Knowledge of established Data security frameworks and standards aligned to globally accepted compliances like; (i.e. NIST, ISO2700, CSA, SCF, GDPR, CCPA etc.) and their application into diverse environments.
  • Cyber Security related qualification (s) such as CISSP, CISM, CISA, CRISC
  • Technical Data Protection platform specific certifications is must.
  • Strong relationship, communication and stakeholder management skills. Ability to deal effectively with key stakeholders, internal and external to the Technology Division
  • Ability to act pro-actively to ensure and effectively collaborate with regional and global counterparts
  • Excellent interpersonal skills (verbal & written) with the ability to build and influence; and self-motivated
  • Committed to continuous improvement for team and self.
  • Ability to run with a number of tasks concurrently and manage expectations appropriately

Apply now »