• Manager/Senior Manager - Information Security/Risk Management - BFSI Jobs in Delhi Ncr - 23838793

  • Crescendo Global
  • Delhi Ncr

Job Description:

Position: Manager/Sr Manager - Information Security Risk Management

Reporting to: Vice President - Information Security

Location: Gurgaon

Team size (D/I): IC role


- To implement Information Security framework based on ISO 27001 framework and NIST guidelines

- Manage and maintain Business Continuity framework for MLI based on ISO 22301 standard

- To drive Privacy Protection initiatives across the enterprise to ensure effective protection of customer PII data

- To ensure organization meets all Regulatory guidelines including IRDAI Cyber Security Guidelines

- To ensure adherence to the defined IS and BCP policies and Procedures by conducting periodic reviews

- Managing all Internal and External Audits for IS

- To ensure the protection of all Information assets by establishing and maintaining secure architecture, review of new applications and infrastructure, carrying out Ethical Hacking and Red Teaming exercises


IS Governance

1 Maintain a schedule for timely submission of InfoSec and IT-related issues, risk items, action points and updated policies to the Information Security and Business Continuity Committee and Management Risk Committee

2 Monitor and review the overall IS and IT risk posture of the organization

Risk Management

1 Identify, assess, prioritize, manage and monitor the Information Security Risks across various functions

2 Formulate a framework to manage and monitor Information Security Risks and prepare an enterprise-wide Information Security Risk Management Report

3 Track the Information Security risks along with their mitigation status, which would result in measuring the effectiveness of information security posture of the organization

Privacy Governance

1 Maintain privacy governance framework

2 Oversee the implementation and review of privacy controls

3 Develop categories and definitions that provide guidelines used to determine the appropriate level of protection for information required for Max Life Insurance

4 Develop and maintain internal policies, standards, processes, procedures, and practices that prevent and detect fraud, misuse, and abuse of customer PII information

5 Ensure that Privacy Impact Assessments are carried out on all new projects where required

Regulatory Compliances

1 Ensure compliance with all regulatory guidelines, including IRDAI Cyber Security guidelines, Aadhaar and IRDAI ISNP Ecommerce Platform guidelines

Vendor Risk Governance

1 Review vendor contracts to ensure that risk management requirements are defined and addressed

BCM Governance

1 Review and ongoing maintenance of BCM governance framework

2 Oversee the development and testing of BC/DR plans

3 Design, update and review Business Continuity Plans with the respective functional owners

4 Coordinate with various stakeholders to update and maintain Business Continuity Plans in Max Life

Cyber Security

1 Identification and assessment of Information Security Risks in Application Security projects

2 Identification and assessment of Information Security Risks in Ethical Hacking and Penetration Testing projects

3 Understand and maintain DLP and IRM tools to ensure proper protection of customer PII data

4 Assess Cloud Infrastructure and applications and propose and implement various security strategies to ensure protection of Cloud Assets


1 Strong influencing, networking skills

2 Analytical skills and process orientation

3 Strategic thinking and decision-making capabilities

4 Self-starter with strong self-motivation and a capacity to improve

5 Strong Presentation and communication skills


1 Reduction in security, continuity and privacy-related risk issues for Max Life Insurance

2 Adherence to regulatory guidelines on information and cyber security

3 Adherence to ISO Standards on security and continuity

4 Protection against cyber threats/attacks

5 Awareness around IS/BCP

6 No Leakage of customer data

Desired qualification and experience

- Graduate in Computer Science or IT

- Professionally qualified (MBA / MCA / BE / BTech) with suitable IS certifications (ISO 27001, ISO 22301, Security+, CISSP/CISM desirable)

- Should have worked in IS function in an IT / BFSI organization

- Could also be from an Information Security background from one of the big accounting firms

- 4 to 7 years of experience working in Information Security and a minimum of 2 to 3 years implementing and monitoring Business Continuity and Disaster Recovery services, or having handled BCP on behalf of large departments

Profile Summary:

Employment Type : Full Time
Salary : Not Mentioned
Deadline : 18th Apr 2020
