Head - Security Compliance - Infra/IT/Telecom

Role purpose: To ensure compliances and audits for technology security. Program management of IT SOX, NW SOX, IT IFRS, NW IFRS, Statutory and Internal Audits, Customer Data Security, Investigations, Internal reviews, ISO certifications etc. across central locations, circles and outsourcing partners. Own design and implementation of information security policies and processes. Governance of outsourcing partners, design and implement projects for improving overall security and compliance posture of the organization meeting applicable requirements with expected delivery under stringent deadline

Key accountabilities and decision ownership :

- Program management of critical statutory and regulatory compliance requirements such as IT SOX, NW SOX, IT IFRS, NW, IFRS, IFC, PCI DSS, Statutory audits, internal audits, RBI, IT Act 2008 and the relevant audits

- Ensure internal control design, implementations and maintenance within the organization and with outsourcing partners like IBM, TCS, NSN, Ericsson etc. through agreements, policies, processes, governance reviews and SLA's.

- Performing mandatory management testing, user's validation of 10K users & 1m+IDs.

- Support in CISO in reporting the organization compliance status.

- Software compliance and test internal security controls for compliance, certification, self-attestation by vendors, stores and employees

- Manage risk and compliance tools .

- Projects such as access reviews, investigations, ISO 27001, PCI DSS and other certifications, governance risk and compliance (GRC) solutions, to strengthen and enhance overall security and compliance posture of the organization.

- Provide updates to board of directors, VF Group on audits, issues, projects and risks.

- Proficiency in interacting with senior management,

- Developing business centric security Dashboard and Reports.

- Strong team management skills

- Strong budget management and Governance.

- Ability to work under stringent deadline.

Key performance indicators :

- Adherence to all relevant compliance requirement and maintenance of overall security and compliance posture of the organization

- Clearing all audits without non-conformities

- Audit management and maintenance of applicable requirements and interfacing various internal and external audits.

- Compliance reporting

Core competencies, knowledge and experience [max 5]:

- 12-15 years of full-time in Audit, Compliance Management and Infosec.

- Expertise of Internal control design, implementation and evaluation in information security and compliance in areas of SOX, ISO, PCI and related statutes, regulations and standards.

- Decision making & problem solve capability

- Senior management interaction and communication.

- Knowledge and experience of telecom technology, business processes, telecom revenue and financial processes.

- Experience of statutory and internal audits with Big 4's.

- Experience of outsourcing partner governance and SLA.