Lead - IS Governance

aBout upl:

UPL is focused on emerging as a premier global provider of total crop solutions designed to secure the world’s long-term food supply. Winning farmers hearts across the globe, while leading the way with innovative products and services that make agriculture sustainable, UPL is the fastest growing company in the industry. Our successes in the field add up to powerful financials. UPL delivers results from protecting crops that translate into attractive investor value. Based on the recognition that humankind is one community, UPL’s overarching commitment is to improve areas of its presence, workplace, and customer engagement.

Our purposeis‘OpenAg’.An Open agriculture network that feeds sustainable growth for all.No limits, no borders.

Job Purpose:

The person in this position is responsible for a broad range of tasks, including rolling out of IS Policy, Processes, monitoring and review of the processes, KPIs measurement and reporting and continuous improvement. The person will be responsible for rollout of IT Risk Management, Security Reviews for IT Projects, IT General Controls, Data Privacy, Audits and Assessments, End user awareness and communications.

Job Responsibilities:

UPL is seeking an IS Governance Expert with relevant skills and experience, delivering ’hands-on’ implementation of ISO27001 / IS Policy Rollout and Sustenance/ Risk Management / IT General Control.

• Define enterprise security architecture framework
• Develop and maintain security strategy
• Develop and manage enterprise-wide policies, standards, and guidelines in accordance with regulatory requirements and industry leading practices
• Support projects in ensuring policies are incorporated correctly
• Liaise with the teams on special projects regarding IS controls implementation.
• Manage security budgeting and tracking
• Assess and manage security risks for the organization
• Privacy Policy and Data Leakage Prevention Policy and Process.
• Lead as security PM for various security initiatives
• Involved in the identification and shortlisting of technical security controls and frameworks
• Responsible for defining the minimum baselines security standards for all technology solutions in the organization which includes the rulesets for various devices
• Involved in identification of security requirements during the system development lifecycle
• End User Communication and Security Awareness Campaigns and Programs
• Create various IS metrics and dashboards including GRC Dashboard / CIO dashboard
• Monitor and implement IT Service / Information Security metrics as determined by Service Owners, Managers and Senior Management.
• Publish annual calendar of various governance activities
• Experience applying the ITIL framework in a way that successfully meets the needs of the organization.
• Process development (policy, processes, procedures, checklists, templates) and communication to relevant stakeholders through formal and informal methods of training, workshops, mailers, discussions etc.,
• Facilitate service review / process review meetings and continuous improvements
• To Develop a Business Continuity Plan for the IT Services.
• Ability to create a collaborative environment and facilitate cross-functional teams for IS / IT initiatives.

Skill Requirement:

• Overall, 6-12 years working in IT services/consulting industry with 5-9 years exp. in rollout and sustenance of IS Policy, Risk Management, Security Frameworks, ITIL/ITSM processes at Enterprise level with around 10000 users.
• Minimum Engineering graduate.
• CISA, CISM, CRISC - Any one of these
• ISO27001 Implementor – Must
• ISO27001 LA / ISO22301 / ISO31000 - Preferred
• Hands on work experience in rolling out ISO27001, IS Policies, Risk Management & Security Frameworks,
• Expert in Mapping of IS Controls to the IT Processes.
• Capable of independent preparation of blueprint and identification of gaps for rollout of IS Policy
• Highly skilled in converting IT general controls requirements into business requirements / technical requirements and driving it.
• Developed service reports using BI tools the KPIs agreed with business/clients
• End User Security Awareness Programs and Campaigns using various media.
• Practical experience of rollout of security tools and controls on Infrastructure tools (i.e. Active Directory, O365Mail, Alert and Systems Management)
• Worked on Projects as Project Manager in line with PMP principles.
• Excellent written and presentation communications skills
• Experience creating data-driven IT support metrics and trending analysis.
• Positive “can do” attitude and alignment to a concept of "Team" Strong customer service and written and verbal communication skills.

KPIs for the IS Governance Manager:

• Establishing governance processes, architecture, and standards for IS / IT services
• Maintain IS Policy and Security / Risk Frameworks and ensure and report compliance to the same.
• Maintaining service communication with business stakeholders
• Information Security Awareness for end users
• IS Policy/ Controls reporting and dashboards
• Project Management processes should be followed uniformly, and progress reported.

Location:Mumbai, India

We are one team, for maximum impact. One team with shared goals. We all play for the team and no one plays against the team. We have a laser-like focus on what our customers need and want, on anticipating their future needs and on how we can create innovative solutions and experiences for them.