Education: Post Gradutae/Graduate

Key Responsibilities:

1. Strategic

- Identify information security goals and objectives consistent with organization business need/objectives.

- Define the scope and boundaries of the information security program.

- Understand legal and regulatory requirement.

- Define information security implementation strategies.

- Define risk management framework.

- Define information security measurement metrics and other key performance indicators.

- Get approval for information security plan, budget and resources from top management.

Operational

- Define formal process for creating, documenting, reviewing, updating, and implementing security policies and Define information security policy.

- Define policy for classification of information and information assets.

- Get approval of information security policies, procedures, guidelines and processes.

- Assist in developing, maintaining, reviewing and improving strategic organization wide information security and risk management plan.

- Disseminate information security policies, procedures and guideline to all concerned.

- Enforce implementation of approved information security policies, procedures, guideline and ISMS etc.

- Periodically evaluate and review effectiveness of information security policies, procedures, standards, guideline and processes, ISMS etc.

- Monitor and react to alerts and advisories with respect to new vulnerabilities / threats

- Implement automated and continuous monitoring of security incidents.

- Maintain a record of information security incidents and breaches.

- Take remedial action to reduce / diminish the impact of information security incidents and breaches.

- Raise information security awareness among management, employees, contractors and other stake holders.

- Provide role-based training on information security to the workforce.

- Coordinate and lead in implementation of Disaster Recovery (DR)/Business Continuity Plan (BCP)

- Periodically conduct mock drill to evaluate effectiveness of DR/BCP

- Coordinate with external agencies to perform information security audit at least annually or whenever significant changes have been made in IT systems/Infrastructure.

- Prepare information security audit report along with recommendations for improving information security.

- Appraise senior management on status of information security audit findings and issue resolutions.

This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.