Job Description:
Aegon Life Insurance Company is seeking an experienced individual to fill the role of Information Security Manager. This role will provide opportunities to:
- Create and operate appropriate, effective information & cybersecurity frameworks in an agile, data-led, highly automated organization.
- Work closely with executives across multiple disciplines in India and with our Asia/Global security teams, acting as a key member of ALIC senior management
Key Responsibilities:
- Information Security Management Systems Support
- Assist in the implementation of the Information Security Management System based on the Organization Standard (IT Controls Framework), industry best practices such as ISO27K, NIST
- Perform gap analysis, conduct risk assessment of information security standards, create compliance reports and suggest mitigation plans/controls
- Leads the preparation and the implementation of necessary information security policies, standards, procedures and guidelines, in discussion with the departments Information Security Committee, to get appropriate approvals and feedback for implementation.
- Manages and leads the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations (IT Act, Critical Information Infrastructure controls etc.).
- Support department and help manage implementation of information security management system.
- Conduct Information security awareness, training and educational activities to stakeholders.
- Train the Stakeholders & Conduct Audits & Assist in ISO 27001 Certification and Surveillance audit as applicable.
- IS and IT Audit Support
- Information regulatory compliance (e.g. IRDA, UIDAI, ISNP and other)
- Disaster recovery and business continuity management
- Information privacy
- Information risk management
- ITGC Control Assessment of Business applications
- Information technology controls for financial and other systems.
- Perform risk assessment, controls and documentation with expected standards (Information technology / Business process).
- Business Continuity management Systems Support as applicable
- Conduct BCMS gap assessment
- Implementation of BCMS
- Conducting Sustenance Audit, readiness Internal Audit
- Conduct Risk Assessments and build RCM
- Determine the requirement of business recovery and conduct Business Impact Assessment
- Update, build and create BCMS documents, policies and procedures
- Understand Risk Strategy and build risk treatment plans based on RTO, RPO
- Build BCP plan
- Conduct internal training on BCMS
- Build, Conduct BCP drill scenarios
- Certification Assistance
Requisites:
- 6-8 years' experience conducting Information Security audits, Internal audits, BCMS (ISO22301), ISO 27001 Certifications & Surveillance audits
- Knowledge of ISO27001 / BCM implementation / ITGC controls
- Good understanding in Insurance, Banking domain
- Strong negotiation skills
- Bachelor's degree in Computer Science, Cyber Security, or related technical field
- CISA, CISM, or other IT security certifications
- Strong oral and written communication skills
- Strong project management skills
- Ability to influence stakeholders and meet the demands of internal and external customers
Desired:
- Experience working within Agile frameworks
- Master's degree in Business Administration