Specialist – Information Security at Dr Reddy's Laboratories Limited

Hyderabad, Telangana, India -

Full Time

Start Date

Immediate

Expiry Date

28 Jun, 26

Salary

0.0

Posted On

30 Mar, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Data Loss Prevention, Threat & Vulnerability Management, Attack Surface Management, Email Security, Microsoft 365 Security Stack, Microsoft Defender for Office 365, Data Classification, Incident Response, Networking Fundamentals, Zero Trust Architecture, Agile Project Management, Stakeholder Management, Risk Management, VAPT Concepts, Identity Security, Threat Modeling

Industry

Pharmaceutical Manufacturing

Description

Company Description Dr. Reddy’s Laboratories Ltd. is a leading multinational pharmaceutical company based across global locations. Each of our 24,000 plus employees comes to work every day for one collective purpose: to accelerate access to affordable and innovative medicines because Good Health Can’t Wait. We started in 1984 with a modest investment, 20 employees and a bold vision. Today, we have research and development centres, manufacturing facilities or a commercial presence in 66 countries. For nearly four decades, we have stood for access, affordability and innovation based on the bedrock of deep science, progressive people practices and robust corporate governance. As the pharmaceutical industry evolves and undergoes disruption, we see an opportunity – to strengthen our core further (the next steps) and to build the future (the new bets). ‘The Next and the New’ is how we aim to continue to be the partner of choice – purpose-driven, future-ready and sustainable. Our aim is to reach over 1.5 Bn+ patients across the world by 2030 by growing our core businesses and building for the future with sustainability at the core of our purpose and strategy. Sustainability for us means operating in a manner that respects people, planet and purpose – helping us conserve precious resources, serve our patients, create value for stakeholders, give back to society, fulfil our potential and maintain our integrity and transparency Dr Reddy’s maintains a work environment, free from discrimination and is an equal opportunity employer. We are committed to employ & nurture all qualified diverse workforce without regard to race, colour religion, nationality, sex, age, disability status, genetics, sexual orientation, gender expression, citizenship or any other characteristic or classification protected by applicable law(s) of the country we operate in. We treasure every talent, and recognize merit and diversity in our organization. Job Description We are seeking a hands-on specialist to own enterprise Data Loss Prevention (DLP), Threat & Vulnerability Management (TVM), Attack Surface Management (ASM), and Email Security. This role will design and operate controls that reduce data exfiltration risk, harden attack surfaces, and protect messaging channels. The successful candidate will drive security roadmap, governance, metrics, and incident response across this portfolio, partnering closely with the SOC, Security Engineering, Infrastructure, IT, and Business stakeholders. Qualifications Bachelor of Technology (B.Tech) – Computer Science Engineering 5+ years of relevant experience in core Cybersecurity domains & functions Strong operational knowledge of Microsoft 365 security stack, including: Microsoft Defender for Office 365 (MDO / Defender Email Security) Anti-phishing & Anti-spam policies Safe Links, Safe Attachments URL detonation, sandboxing technologies Deep working experience with Data Loss Prevention (DLP) technologies, including: Endpoint, Network & Email DLP DSPM across Exchange, SharePoint, OneDrive, Teams Data classification & labeling Strong understanding of core cybersecurity principles, including: Defense-in-depth Least privilege Identity security fundamentals Threat modeling Hands-on experience in Incident Response (IR), including: Triage, investigation, containment, and remediation Email threat analysis Data exfiltration investigations Solid foundation in Networking & Security fundamentals, including: TCP/IP, DNS, SMTP, HTTP/HTTPS Firewalls, proxies, VPN, encryption basics Working knowledge of Attack Surface Management (ASM) & Exposure Management, particularly: External asset discovery Vulnerability identification Surface reduction practices Basic to intermediate understanding of enterprise infrastructure components, such as: Azure AD / Entra ID On‑Prem Active Directory (AD) SCCM / Intune Hybrid identity & authentication flow concepts Practical understanding of Security Standards & Frameworks, including: NIST Cybersecurity Framework (CSF) NIST 800‑53 / 800‑171 (basic understanding) ISO 27001:2022 CIS Benchmarks (Windows, M365, Azure) Zero Trust Architecture (ZTA) principles Good exposure to VAPT concepts, including: Vulnerability assessment Penetration testing basics Remediation lifecycle Experience with Risk Management frameworks Strong understanding of Agile project management, including: Sprint planning Backlog grooming Managing security deliverables in agile teams Strong managerial & leadership capabilities, including: People leadership Workload allocation Performance management Skill development & team growth Strong project management skills, including: Planning & execution Milestone tracking Stakeholder management Cross‑functional coordination Excellent communication skills, with the ability to translate technical details for engineering teams and senior leadership. Nice to Have Cybersecurity certifications from recognized bodies such as: SANS / GIAC ISACA (CISM, CRISC, CISA) ISC² (CISSP, CCSP) EC‑Council (CEH, CHFI) CompTIA (Security+, CySA+, CASP+) OffSec (OSCP, OSEP, OSWE) Job Family: Digital Product and Technology Sub Job Family: Information Security Preferred type of working: On-Premise Years of Experience: 3 - 6 Business unit: Corporate

Responsibilities

This specialist will own enterprise Data Loss Prevention (DLP), Threat & Vulnerability Management (TVM), Attack Surface Management (ASM), and Email Security, designing and operating controls to reduce data exfiltration risk and harden attack surfaces. The role involves driving the security roadmap, governance, metrics, and incident response across this portfolio in partnership with various internal teams.