Job Description:

The Head IT (Risk & Security) Operations is responsible is as follows

The position will directly report to Chief Information Security Officer

We seek any qualified and certified persons who have experience as described below

Core responsibilities include

- Overall technology evaluation and selection to meet the agreed upon security architecture plan

- Management of IT Security systems and applications

- Application Security

- Management of Security staff and Security Operations Centre (SOC)

- Security and Business Continuity and Disaster Recovery Planning (BCDR)

- Authentication, identity and access management

- Perimeter, System, and Application Vulnerability Management

- Information Technology (IT) and Business Process risk management (financial systems, etc)

- Computer Emergency Response Team / Computer Security Incident Response Team

- Knowledge on forensic investigations, digital forensics, eDiscovery

- Support risk assessment and its mitigation across IT Services

- Manage Outsourced Partners towards effectiveness in Outsourced Operations

- Communications of situational status when security events occur

DUTIES AND RESPONSIBILITIES

IT Security Operations

- Responsible for the Operational and Tactical leadership of the Banks information security program

- Work withbanks leadership to oversee the formation and operations of a Bank-wide information security operations that is organized toward a common goal in information security as desired by regulator

- Promote collaborative, empowered working environments across bank, removing barriers and realizing possibilities

- Manage bank-wide information security governance processes, support the Information Security Advisory Committee and lead Information Security Operations Liaisons in the establishment of an information security program and project priorities

- Lead information security planning processes to establish an inclusive and comprehensive information security program for the entire bank in support of an entire suite of banks application &information systems and technology

- Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements

- Stay abreast of information security issues and regulatory changes affecting banking operations, participate regulatory requirements on security policy and practice discussions, and communicate to Banks Leadership team on a regular basis about those topics

- Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position

- Perform special projects and other duties as assigned

- Lead in the adoption and enforcement of Information Security policies, procedures and standards Conduct and complete annual review of required RBI regulations and reports

- Maintain the Banks Security Policies from IT Department per se along with Chief Information Security Officer

- Maintain the Banks Security Procedures in the outsourced scenario that include

- Evaluation and compliance with security measures

- Disaster Recovery and Emergency operating procedures

- Security Incident Response and process protocols including Incident Reporting and Sanctions

- Testing of security procedures, mechanisms and measures

- Maintain appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and /or transmitted patient data and protect against reasonably anticipated threats and hazards

- Oversee and/or assist in performing on-going security monitoring of organization information systems

- Ensure compliance through adequate training programs and periodic security audits These audits should be both internal and external in nature

IT Risk Management

- Risk Identification, Assessment and Evaluation KEY PERFORMANCE AREAS (KPA- S) Identify, assess and evaluate risk to enable the execution of the enterprise risk management strategy

- Identify legal, regulatory and contractual requirements and Banks policies and standards related to information systems to determine their potential impact on the business objectives

- Identify potential threats and vulnerabilities for IT processes, associated data and supporting capabilities to assist in the evaluation of enterprise risk

- Create and maintain a risk register to ensure that all identified risk factors are accounted for

- Assemble risk scenarios to estimate the likelihood and impact of significant events to the organization

- Develop a risk awareness program and conduct training to ensure that stakeholders understand risk and contribute to the risk management process and to promote a risk-aware culture

- Correlate identified risk scenarios to relevant IT processes to assist in identifying risk ownership

- Validate risk appetite and tolerance with senior leadership and key stakeholders to ensure alignment

- Risk Response Develop and implement risk responses to ensure that risk factors and events are addressed in a cost-effective manner and in line with IT objectives

- Monitor and communicate key risk indicators (KRIs) and management activities to assist relevant stakeholders in their decision-making process

- Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively

- Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements

EDUCATION, CERTIFICATIONS AND/OR EXPERIENCE

- College degree in Technology (BE-IT) or its equivalent preferred

- Certifications in CISM/CISSP/CISA will be considered as value addition

Profile Summary:

Employment Type : Full Time
Salary : Not Mentioned
Deadline : 20th May 2020

Key Skills:

Why not try out our free online tutorials and gain an edge?

People who search this job also searched for the following Keywords

Sourced**

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd DMCA.com Protection Status