17/03 Ivan Pinto
Senior Researcher at Venator Search Partners

Views:357 Applications:69 Rec. Actions:Recruiter Actions:63

Chief Information Security Officer - BFSI (15-27 yrs)

Mumbai Job Code: 809630

Reports to: Chief Risk Officer. Will have interface with Head-IT

Required Qualification:

- Bachelor of Engineering (relevant stream)/MCA with MBA (optional).

- Relevant certifications like CISA, IS27001 Lead Auditor, CISM, CISSP, CEH, etc.

Required Experience:

- Minimum 15 years of relevant experience with exposure to latest threats/solutions in Information Security and Cyber Security space.

- Managing Information Security for mission critical organizations preferably in BFSI organization.

- Experience in design and development of policies /procedures guidelines.

- Experience in all stages of Cyber Security like protection, detection, response & Recovery etc.

Key Responsibilities:

- Provide leadership to the organization's information security setup, governance, protection, response & recovery

- Develop, implement and monitor a strategy for comprehensive enterprise information security and IT risk management program

- Driving and sustaining ISO27001 certification for the organisation and enhance information security management framework

- Develop and enhance organisation's Information Security policies & procedure.

- Provide regular reporting on the current status of the information security program to senior management and the board of directors.

- Coordinate information security and IT risk management projects.

- Design and conduct security assessment to ensure operational security.

- Review organisations security posture/stance, threats, risks and take appropriate actions to mitigate the same.

- Oversee the periodic internal and external statutory audits and track progress of addressing the gaps identified during the audits

- Interface with the Systems and Network support and Business departments to effectively implement, and monitor security policies & guidelines.

- Selecting appropriate security solutions/tools and coordinate testing, deployment and implementation as well as outsourced arrangements (vendor & contract management). Scan relevant developments / technologies and initiate/participate in pilot/exploratory projects.

- Identify risks and build actionable plans to protect from Cyber security incidents. Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities.

- Conduct Vulnerability Assessment & Penetration Testing (VA/PT) and track progress of addressing the identified risks.

- Guide & Monitor Red team, Cyber Security Drills

- Manage information security and risk management awareness training programs for staff

- Ensure that all Information security policies and procedures are communicated to all personnel and that compliance is enforced

- Communicate best practices and risks advisories across the organization

- Maintain current knowledge of the information security field, track new developments in rapidly changing technologies, threats

This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.

Women-friendly workplace:

Maternity and Paternity Benefits

Add a note
Something suspicious? Report this job posting.