Chief Information Security Officer - BFS

POSITION DETAILS JOB SPECIFICATION

Position : Chief Information Security Officer 

Base location : Mumbai, Maharashtra 

Reporting to : CEO

- To successfully establish and maintain data/information integrity and security measures confirming to the highest global standards.

- An ideal incumbent will ensure information assets are adequately protected by identifying, managing and mitigating the risks presented by internal/external Security Threats. 

- The Post- holder will be the process owner of all ongoing activities related to the confidentiality, integrity, security and availability of information and resources of customers, business partners, employees and business information, in compliance with the organization's information security policies.

- The mandate is to identify a Competent and result oriented professional with credible experience with highly reputed business establishments having seen huge scale growth having specialized skills in Information Security & IT Risk Management.

- It is important that the post holder must possess right attitude, competence and maturity levels to understand stakeholder's vision and to work his/her way around achieving the objective.

- The role will combine a keen sense of strategic management, a flair for establishment of systems and a collaborative style of leadership.

RESPONSIBILITIES : 

- The incumbent will be responsible to manage Information Security, disaster recovery and business continuity plans. Professionals expected to quickly understand business security needs and be able to dive deeply into technology issues. 

- This person will be responsible for creating and communicating Information Security vision. He/She will ensure the Security architecture principles are well laid out and in line with the business objectives. 

- Periodic discussions with Top Management and driving Information Security team for implementing the Cyber Security Strategy for the organization.

Following are the key highlights of this role :

- Developing and implementing an Information Security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats.

- Ensuring that all information systems are functioning correctly in-line with security policy. 

- In charge of IT Risk evaluations, Audits, and Security incident investigation, Forensics.

- Help the organization track interesting trends on emerging technologies that are relevant to its business and take advantage of such technology trends.

- Management of a Cyber Assurance Practice that includes policies, processes, procedures and technology that addresses Critical Business Process Identification, Departmental Risk, Sensitive Information, Systems Security Planning, Systems Configuration Management, Vulnerability Management, Electronic Discovery, as well as Compliance Management.

- Provide Strategic Risk guidance for IT projects, including the evaluation and recommendation of technical controls.