• Manager/Senior Manager - Information Security/Risk Management - BFSI Jobs in Delhi Ncr - 23838793

  • Crescendo Global
  • Delhi Ncr

Job Description:



Position: Manager/Sr Manager - Information Security Risk Management

Reporting to: Vice President - Information Security

Location: Gurgaon

Team size (D/I): IC role

JOB SUMMARY

- To implement Information Security framework based on ISO 27001 framework and NIST guidelines

- Manage and maintain Business Continuity framework for MLI based on ISO 22301 standard

- To drive Privacy Protection initiatives across the enterprise to ensure effective protection of customer PII data

- To ensure organization meets all Regulatory guidelines including IRDAI Cyber Security Guidelines

- To ensure adherence to the defined IS and BCP policies and Procedures by conducting periodic reviews

- Managing all Internal and External Audits for IS

- To ensure the protection of all Information assets by establishing and maintaining secure architecture, review of new applications and infrastructure, carrying out Ethical Hacking and Red Teaming exercises

KEY RESPONSIBILITIES

IS Governance

1 Maintain a schedule for timely submission of InfoSec and IT-related issues, risk items, action points and updated policies to the Information Security and Business Continuity Committee and Management Risk Committee

2 Monitor and review the overall IS and IT risk posture of the organization

Risk Management

1 Identify, assess, prioritize, manage and monitor Information Security Risks across various functions

2 Formulate a framework to manage and monitor Information Security Risks and prepare an Enterprise wide Information Security Risk Management Report

3 Track the Information Security risks along with their mitigation status, which would result in measuring the effectiveness of information security posture of the organization

Privacy Governance

1 Maintain privacy governance framework

2 Oversee the implementation and review of privacy controls

3 Develop categories and definitions that provide guidelines used to determine the appropriate level of protection for information required for Max Life Insurance

4 Develop and maintain internal policies, standards, processes, procedures, and practices that prevent and detect fraud, misuse, and abuse of customer PII information

5 Ensure that Privacy Impact Assessments are carried out on all new projects where required

Regulatory Compliances

1 Ensure compliance with all regulatory guidelines, including IRDAI Cyber Security guidelines, Aadhaar and IRDAI ISNP Ecommerce Platform guidelines

Vendor Risk Governance

1 Review vendor contracts to ensure that risk management requirements are defined and addressed

BCM Governance

1 Review and ongoing maintenance of BCM governance framework

2 Oversee the development and testing of BC/DR plans

3 Designing, Updating and Reviewing Business Continuity Plans with respective functional owners

4 Coordinating with various stakeholders for updating and maintaining Business Continuity Plans in Max Life

Cyber Security

1 Identification and assessment of Information Security Risks in Application Security projects

2 Identification and assessment of Information Security Risks in Ethical Hacking and Penetration Testing projects

3 Understand and maintain DLP and IRM tools to ensure proper protection of customer PII data

4 Assess Cloud Infrastructure and applications and propose and implement various security strategies to ensure protection of Cloud Assets

SKILLS

1 Strong influencing, networking skills

2 Analytical skills and process orientation

3 Strategic thinking and decision-making capabilities

4 Self-starter with strong self-motivation and a capacity to improve

5 Strong Presentation and communication skills

MEASURES OF SUCCESS

1 Reduction in security, continuity and privacy-related risk issues for Max Life Insurance

2 Adherence to regulatory guidelines on information and cyber security

3 Adherence to ISO Standards on security and continuity

4 Protection against cyber threats/attacks

5 Awareness around IS/BCP

6 No Leakage of customer data

Desired qualification and experience

- Graduate in Computer Science or IT

- Professionally qualified (MBA / MCA / BE / BTech) with suitable IS certifications (ISO 27001, ISO 22301, Security+, CISSP/CISM desirable)

- Should have worked in IS function in an IT / BFSI organization

- Could also be from an Information Security background from one of the big accounting firms

- 4 to 7 years of experience working in Information Security, with a minimum of 2 to 3 years implementing and monitoring Business Continuity and Disaster Recovery Services or handling BCP on behalf of large departments

Profile Summary:

Employment Type : Full Time
Salary : Not Mentioned
Deadline : 18th Apr 2020
