12/04 HR
HR - Talent Acquisition at Pioneer Financial & Management Services Ltd

Views: 16973 Applications: 291 Recruiter Actions: 109

CISO Consultant - Information Security Management - Payment Bank (3-5 yrs)

Mumbai/Navi Mumbai Job Code: 561015

We are hiring an IT Audit consultant.

CISO will be responsible for protecting the Bank's IT resources and information assets by:

- Ensuring strategic alignment of information security in support of business objectives

- Ensuring confidentiality, integrity and auditability of the Bank's IT assets

- Ensuring compliance with RBI, PCIDSS and other applicable regulations

Duties and Responsibilities :

Under the supervision of the Risk Head, the incumbent will carry out the following functions:

Information Security Governance :

- Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations.

- Define and elaborate the information security strategy in support of the Bank's business strategy and direction

- Liaise with HR to ensure that each job description includes information security governance activities

- Identify current and potential legal and regulatory issues affecting information security and assess their impact on the Bank

- Establish and maintain information security policies that support business goals and objectives.

Risk Management :

Identify and manage information security risks to achieve business objectives :

- Develop a systematic, analytical and continuous risk management process.

- Ensure that risk identification, analysis and mitigation activities are integrated into project and process life cycles.

- Identify and analyze risks through suitable and recommended methods

Information Security Programme Management :

- Design, elaborate and manage the information security programme to implement the information security governance framework.

- Establish and maintain plans to implement the information security governance framework.

- Define the annual information security budget and obtain Information Security Steering Committee approval.

- Manage the information security budget in implementing the information security programme.

Information Security Management :

- Oversee and direct information security activities to execute the information security programme.

- Lead the Bank's IT security team: plan, organize, assign, supervise and monitor the work of team members

- Ensure that the rules of use for information systems and the administrative procedures for information systems comply with the Bank's information security policies.

- Ensure that services provided by other enterprises, including outsourced providers are consistent with established information security policies.

Response Management : Establish and manage the capability to respond to and recover from disruptive and destructive information systems events:

- Design and implement processes for detecting and analyzing security-related events.

- Develop response and recovery plans, including organizing, training and equipping teams.

- Ensure periodic testing of the response and recovery plans where appropriate.

Selection Criteria : (including desirable skills, knowledge and experience)

- BE in Information Technology, Computer Science or related field.

- At least three (3) years of demonstrated IT Security Management experience in IT infrastructure and IT applications.

- Mixed managerial, analytical and technical skills, and knowledge of all aspects of computer security in multiple IT areas: database, development, network, operating systems, IT security, specific applications security, etc.

- Good understanding of, and skill in writing, computer systems security strategies, policies, principles, procedures, and standards

- Good technical knowledge and experience across multiple IT platforms and technologies:

- Windows, Unix, Linux, networking, applications concepts, databases

- Experience with networks and systems involved in keeping an organization secure

- Good technical knowledge and experience in defining access and authorization controls within the Bank's critical applications

- Good knowledge of risk assessment processes

- Good understanding of current legal and regulatory requirements relating to information security and privacy - ISO17799/BS 7799, PA-DSS, PCIDSS, ISO 27001-2013

- Up-to-date knowledge of information security; industry certifications covering information security are an added advantage - CISSP, CISM, CISA.

- Strong management and leadership skills and the ability to influence senior management are essential

- Excellent written and verbal communication skills in English


Salary offered: 7 - 10 LPA

This job opening was posted a long time ago. It may no longer be active, though it has not been removed by the recruiter. Please use your discretion.

Women-friendly workplace:

Maternity and Paternity Benefits
