HR - Talent Acquisition at Pioneer Financial & Management Services Ltd
CISO Consultant - Information Security Management - Payment Bank (3-5 yrs)
We are hiring for IT Audit consultant
CISO will be responsible for protecting the Bank's IT resources and information assets by:
- Ensuring strategic alignment of information security in support of business objectives
- Ensuring confidentiality, integrity, auditability of the Bank's IT assets
- Ensuring compliance with RBI, PCIDSS and other applicable regulations
Duties and Responsibilities :
Under the supervision of the Risk Head, the incumbent will carry out the following functions:
Information Security Governance :
- Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations.
- Define and elaborate the information security strategy in support of the Bank's business strategy and direction
- Liaise with HR to ensure that each job description includes information security governance activities
- Identify current and potential legal and regulatory issues affecting information security and assess their impact on the Bank
- Establish and maintain information security policies that support business goals and objectives.
Risk Management :
Identify and manage information security risks to achieve business objectives :
- Develop systematic, analytical and continuous risk management process.
- Ensure that risk identification, analysis and mitigation activities are integrated into project and process life cycles.
- Identify and analyze risks through suitable and recommended methods
Information Security Programme Management :
- Design, elaborate and manage information security programme to implement the information security governance framework.
- Establish and maintain plans to implement the information security governance framework.
- Define annual information security budget and obtain Information Security Steering Committee approval.
- Manage the information security budget in implementing the information security programme.
Information Security Management :
- Oversee and direct information security activities to execute the information security programme.
- Lead the Bank's IT security team: plan, organize, assign, supervise and monitor the work of team members
- Ensure that the rules of use for information systems and the administrative procedures for information systems comply with the Bank's information security policies.
- Ensure that services provided by other enterprises, including outsourced providers are consistent with established information security policies.
Response Management :
Establish and manage capability to respond to and recover from disruptive and destructive information systems events:
- Design and implement processes for detecting and analyzing security related events.
- Develop response and recovery plans, including organizing, training, and equipping teams.
- Ensure periodic testing of the response and recovery plans where appropriate.
Selection Criteria : (including desirable skills, knowledge and experience)
- BE in Information Technology, Computer Science or related field.
- At least three (3) years of demonstrated IT Security Management experience across IT infrastructure and IT applications.
- Mixed managerial, analytical and technical skills, and knowledge in all aspects of computer security in multiple IT areas: database, development, network, operating systems, IT security, specific applications security, etc.
- Good understanding of, and skill in writing, computer systems security strategies, policies, principles, procedures, and standards
- Good technical knowledge and experience across multiple IT platforms and technologies: Windows, Unix, Linux, networking, applications concepts, databases
- Experience with networks and systems involved in keeping an organization secure
- Good technical knowledge and experience in defining access and authorization controls within the Bank's critical applications
- Good Knowledge of risk assessment processes
- Good understanding of current legal and regulatory requirements relating to information security and privacy - ISO17799/BS 7799, PA-DSS, PCIDSS, ISO 27001-2013
- Up to date knowledge of information security; industry certifications covering information security are added advantages - CISSP, CISM, CISA.
- Strong management and leadership skills and the ability to influence senior management are essential
- Excellent written and verbal communications in English
Salary offered: 7 - 10 LPA