JOB DESCRIPTION
POSITION NAME | Information Security Manager |
DEPARTMENT | Information Security |
REPORTINGPOSITION | CISO |
OBJECTIVE OF THE ROLE |
To manage Information Security Governance, Risk and Compliance Management Program to ensure .Compliance with Regulatory Requirements .Pro-actively identifying & providing InfoSec Risks for new Business Requests .Effective drive and govern Information & Cyber Security Program to monitor continuous improvements |
KEY RESPONSIBILITIES |
.Definition and Revision of Information and Cyber Security Policies, Processes, Standards & Guidelines
.Building & Maintaining Risk Management Program
.Managing Vendor Risk Management Program
.Building and Governance of Information and Cyber Security Assurance Program
.Managing Internal & External Audits and compliance activities
.Handling user requests to proactively identify and provide InfoSec requirements at the initial stage of activity / project (e.g. vendor engagements, confidential data requests, risk assessment etc.)
.Management of Exception Handling Process
.Guide stakeholders for remediation of Information Security observations
.Definition SOPs / Manuals for Information Security activities
.Identify new initiatives, security controls (technical / procedural) improvement areas in InfoSec Program
.Conduct POCs for new Security Solutions, implementation of new Security Practices / Processes / Controls across organization
.Ensure compliance with Information Security Policies & Processes
.Ensure Team is always audit / compliance ready
.Development & Implementation of User Awareness Program
.Supporting CISO to conduct Information Security Committee Meetings
.Work as a Subject Matter Expert for CISO
.Manage Outsource resources & developing skilled team resources
Adequate knowledge on the VAPT, application security and other security testing’s
INTERACTIONS | |
Internal Relations: IT, Legal & Compliance, PARM, Business Teams, Internal Auditors | External Relations: Information Security Service Providers / Vendors IT / Business Team Vendors Auditors |
REQUIRED QUALIFICATION AND SKILLS | |
Educational Qualifications: B.E. / B. Tech | Work Experience: 4 to 8 Years of relevant experience in Information Security Activities |
Certifications: CCNA, MCSA, CEH, ISO27001, CISM, CISA, CISSP,etc(Good to have) | |
Other skill set: .Should have good technical knowledge of various platforms / technologies and security controls .Experience of successfully managing and delivering IT risk and controls assessments .Should have technical, analytical and problem-solving skills in order to assess requirements, identify potential risks, mitigating security controls and documenting residual risk .Should have good Governance Skills .Should have good knowledge of ISO27001, IRDA, IT Act, Data Privacy Law & other regulatory requirements .Experience on implementing regulatory / compliance / policy requirements and ensuring compliance .Experience in conducting classroom user awareness sessions .Managing the assigned resources with effective delegation .Should have Team and Vendor Management Experience .Should have good communication skills to clearly communicate requirements to technical and non-technical stakeholders from across the business and all levels of seniority |
Job Description Division: ITIS Department: ITSEC Job Location: MSIL Gurgaon Job Role: Information Security Program Manager Level in the organization:...
Apply For This JobJob Description : Job Responsibilities : 1. Responsible to build, test and maintain the infrastructure and toolsto allow the speedy...
Apply For This JobJob Description What impact will you make Every day, your work will make an impact that matters, while you thrive...
Apply For This JobManage the data center hosting operations & Window Server Infrastructure for a regional Data Center for Honeywell. You will work...
Apply For This JobJob Description IS Security Specialist Take your next career step at ABB with a global team that is energizing the...
Apply For This JobJob Role Handle the Data Privacy Program independently Maintain and update Data Privacy Policies, Procedure, Templates & Process documents as...
Apply For This Job