Website:
generalmills.co.in
Job details:
Position TitleAssociate Manager, Cyber Security
Function/Group
Digital and Technology
Location
Mumbai
Shift Timing
12 to 9pm IST
Role Reports to
D&T Head - Cyber security Enterprise Architecture
Remote/Hybrid/in-Office
Hybrid
About General Mills
We make food the world loves: 100 brands. In 100 countries. Across six continents. With iconic brands like Cheerios, Pillsbury, Betty Crocker, Nature Valley, and Häagen-Dazs, we’ve been serving up food the world loves for 155 years (and counting). Each of our brands has a unique story to tell.
How we make our food is as important as the food we make. Our values are baked into our legacy and continue to accelerate
us into the future as an innovative force for good. General Mills was founded in 1866 when Cadwallader Washburn boldly bought the largest flour mill west of the Mississippi. That pioneering spirit lives on today through our leadership team who upholds a vision of relentless innovation while being a force for good. For more details check out http://www.generalmills.com
General Mills India Center (GIC) is our global capability center in Mumbai that works as an extension of our global organization delivering business value, service excellence and growth, while standing for good for our planet and people.
With our team of 1800+ professionals, we deliver superior value across the areas of Supply chain (SC) , Digital & Technology (D&T) Innovation, Technology & Quality (ITQ), Consumer and Market Intelligence (CMI), Sales Strategy & Intelligence (SSI) , Global Shared Services (GSS) , Finance Shared Services (FSS) and Human Resources Shared Services (HRSS).For more details check out https://www.generalmills.co.in
We advocate for advancing equity and inclusion to create more equitable workplaces and a better tomorrow.
Job Overview
Function Overview
The Digital and Technology team at General Mills stands as the largest and foremost unit, dedicated to exploring the latest trends and innovations in technology while leading the adoption of cutting-edge technologies across the organization. Collaborating closely with global business teams, the focus is on understanding business models and identifying opportunities to leverage technology for increased efficiency and disruption. The team's expertise spans a wide range of areas, including AI/ML, Data Science, IoT, NLP, Cloud, Infrastructure, RPA and Automation, Digital Transformation, Cyber Security, Blockchain, SAP S4 HANA and Enterprise Architecture. The MillsWorks initiative embodies an agile@scale delivery model, where business and technology teams operate cohesively in pods with a unified mission to deliver value for the company. Employees working on significant technology projects are recognized as Digital Transformation change agents.
The team places a strong emphasis on service partnerships and employee engagement with a commitment to advancing equity and supporting communities. In fostering an inclusive culture, the team values individuals passionate about learning and growing with technology, exemplified by the "Work with Heart" philosophy, emphasizing results over facetime. Those intrigued by the prospect of contributing to the digital transformation journey of a Fortune 500 company are encouraged to explore more details about the function through the following Link
Purpose of the role
Manage cyber security incident response. Lead the CSIRT team to rapidly respond to and contain cybersecurity incidents while ensuring incident response procedures align with enterprise standards and industry best practices. Partner with technology teams to continuously refine response processes, guide tactical detection, analysis, and investigation activities, and lead the design, implementation, and administration of the cybersecurity incident response program across people, processes, and technology.
Key Accountabilities
Core Responsibilities
- Lead a 24x7 Cyber Security Incident Response Team responsible for alert triage, incident validation, investigation, containment, escalation, and coordination of cybersecurity threats.
- Build and lead a high-performing team of incident responders who are strong investigators, sound decision makers, and empowered operators with the authority to contain threats in accordance with approved procedures.
- Own day-to-day cyber incident response operations and ensure incidents are handled with speed, consistency, quality, and accurate tracking in approved systems.
- Develop, implement, maintain, test, and annually review the Cybersecurity Incident Response Plan, playbooks, and response procedures to ensure alignment with Enterprise standards and industry best practices.
- Coordinate cyber incident handling with disaster recovery, business contingency planning, senior management, and key technology stakeholders, including appropriate escalation and controlled communications.
- Establish and monitor key operational metrics, including response time, containment time, case quality, and playbook adherence, and periodically test team capabilities against service levels.
- Lead post-incident reviews, root cause analysis, and lessons learned, and drive continuous improvement across detections, playbooks, automations, and response processes in partnership with detection engineering, threat hunting, and platform teams.
- Identify skill gaps across IR functions (DFIR, threat hunting, malware analysis, cloud IR, OT security, AI security, automation, etc.)
- Ensure structured upskilling pathways with certifications, labs, simulations, and hands-on exercises
- Build succession plans for critical roles
- Rotate team members across different incident types and specializations to avoid stagnation
People Responsibilities
- Lead hiring, onboarding, workforce planning, and shift/coverage management for a 24x7 incident response team.
- Build team capability through coaching, training, scenario-based exercises, and stretch opportunities that develop responders into stronger investigators and decision makers.
- Set clear performance expectations, measure results through defined KPIs, and hold team members accountable for quality, speed, and sound judgment.
- Conduct regular 1:1s, provide timely coaching and feedback, and create meaningful development plans for each team member.
- Foster a culture of calm execution, accountability, collaboration, and continuous learning during high-pressure incident response.
- Ensure team members understand and follow cybersecurity policies, standards, and response procedures.
- Build and strengthen Team Capability Building
- Create individualized development plans for each analyst based on strengths, aspirations, and business needs
- Conduct quarterly career conversations, not just performance reviews
- Help team members understand possible cyber career paths
- Coach analysts on executive communication and stakeholder management, not only technical depth
- Operational Excellence Through People
- Encourage automation mindset to reduce repetitive analyst fatigue
- Ensure knowledge is documented and not concentrated people
Partnerships and Benchmarking
- Partner with internal technology, infrastructure, identity, endpoint, cloud, legal, privacy, and communications teams to improve preparedness and response effectiveness.
- Maintain strong relationships with peer security leaders, industry partners, and key vendors to benchmark capabilities and stay current on leading practices.
- Leverage external intelligence, peer benchmarking, incident trends, and industry developments to improve team processes, playbooks, and tooling.
- Serve as a key liaison to higher-tier detection and threat hunting teams to ensure effective escalation paths, feedback loops, and operational alignment.
Minimum Qualifications
Minimum Degree Requirements
Bachelors
Preferred Degree Requirements
Masters
Preferred Qualifications
- Experience designing or governing SOAR-assisted workflows, especially enrichment, case preparation, and containment decisions.
- Demonstrated ability to coach analysts into stronger investigators, not just stronger process executors.
- Strong understanding of how to balance speed, business risk, and control in containment decisions.
- Experience partnering with threat intelligence, threat hunting, detection engineering, identity, endpoint, and network teams.
- Experience building or maturing an incident response function that combines investigator judgment with automation and orchestration.
Preferred Certifications
GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH), CompTIA Cybersecurity Analyst (CySA+), EC-Council Certified Incident Handler (ECIH)
Click on Apply to know more.