Director - Information Security - BFSI

Responsibilities :

- Develop and maintain a comprehensive strategy for enterprise, products and information security.

- Build and drive information security programs, covering business operations, product development lifecycle, intellectual property, products including SaaS platforms, and customer information.

- Create company-wide security policies, standards, developmental and behavioral guidelines, and procedures to ensure ongoing maintenance of security.

- Identify, architect and drive security initiatives and standards. Work with Business Leaders to develop systems and processes to enable departments and employees to accomplish the security goals.

- Work with leaders across the enterprise to build, develop and deploy the enterprise GRC system

- Ensure security systems are maintained, monitored and updated. Conduct audits of internal security policies and procedures.

- Direct development, testing, and maintenance of business continuity plans for systems and customer operations.

- Investigate any security incidences and breaches, and lead incident response and business continuity teams.

- Promote information security awareness throughout the organization. Provide training and oversight to all employees, partners, vendors, or other third parties. Serve as an internal information security consultant to the organization.

Qualifications :

- Deep knowledge of Information Security, standards and best practices. Knowledge and experience deploying information security management frameworks.

- Minimum ten years of experience in a combination of risk management and information security. At least four in a senior leadership role.

- Knowledge and understanding of relevant legal and regulatory requirements, such as SOC1, SOC2, Sarbanes-Oxley Act, Payment Card Industry/Data Security Standard. Knowledge of global requirements.

- Able to effectively communicate security and risk-related concepts at executive level, and to technical and nontechnical audiences.

- Excellent interpersonal and motivational skills, able to deliver results leading cross-functional teams.

- Minimum ten years of experience in information security

- Bachelor's degree in Computer Science or equivalent experience. Master's degree a plus.

- Professional security management certification, such as a CISSP, CISM, CISA.