JOB DESCRIPTION
POSITION NAME | Information Security Manager |
DEPARTMENT | Information Security |
REPORTING POSITION | CISO |
OBJECTIVE OF THE ROLE |
To manage the Information Security Governance, Risk and Compliance Management Program to ensure:
• Compliance with Regulatory Requirements
• Proactively identifying & providing InfoSec Risks for new Business Requests
• Effectively driving and governing the Information & Cyber Security Program to monitor continuous improvements |
KEY RESPONSIBILITIES |
• Definition and Revision of Information and Cyber Security Policies, Processes, Standards & Guidelines
• Building & Maintaining Risk Management Program
• Managing Vendor Risk Management Program
• Building and Governance of Information and Cyber Security Assurance Program
• Managing Internal & External Audits and compliance activities
• Handling user requests to proactively identify and provide InfoSec requirements at the initial stage of activity / project (e.g. vendor engagements, confidential data requests, risk assessment etc.)
• Management of Exception Handling Process
• Guide stakeholders in remediation of Information Security observations
• Definition of SOPs / Manuals for Information Security activities
• Identify new initiatives and security control (technical / procedural) improvement areas in InfoSec Program
• Conduct POCs for new Security Solutions, implementation of new Security Practices / Processes / Controls across organization
• Ensure compliance with Information Security Policies & Processes
• Ensure Team is always audit / compliance ready
• Development & Implementation of User Awareness Program
• Supporting CISO to conduct Information Security Committee Meetings
• Work as a Subject Matter Expert for CISO
• Managing outsourced resources & developing skilled team resources
• Adequate knowledge of VAPT, application security and other security testing
INTERACTIONS | |
Internal Relations: IT, Legal & Compliance, PARM, Business Teams, Internal Auditors | External Relations: Information Security Service Providers / Vendors, IT / Business Team Vendors, Auditors |
REQUIRED QUALIFICATION AND SKILLS | |
Educational Qualifications: B.E. / B. Tech | Work Experience: 4 to 8 Years of relevant experience in Information Security Activities |
Certifications: CCNA, MCSA, CEH, ISO27001, CISM, CISA, CISSP, etc. (Good to have) | |
Other skill set:
• Should have good technical knowledge of various platforms / technologies and security controls
• Experience of successfully managing and delivering IT risk and controls assessments
• Should have technical, analytical and problem-solving skills in order to assess requirements, identify potential risks and mitigating security controls, and document residual risk
• Should have good Governance Skills
• Should have good knowledge of ISO27001, IRDA, IT Act, Data Privacy Law & other regulatory requirements
• Experience in implementing regulatory / compliance / policy requirements and ensuring compliance
• Experience in conducting classroom user awareness sessions
• Managing the assigned resources with effective delegation
• Should have Team and Vendor Management Experience
• Should have good communication skills to clearly communicate requirements to technical and non-technical stakeholders from across the business and all levels of seniority |