CRISIL - Manager - Information Security

Role : Manager, Information Security

Location :Mumbai

Exp : Minimum 8-10 years of experience in below areas

Required Skills:

- Experience in financial industry vertical is preferred, and a thorough understanding of IT specific requirements for financial industry.

- Understanding and knowledge of privacy laws and regulations, industry standards and industry frameworks (e.g. COBIT, COSO, ISO 27001, IT Act, EU Privacy Law etc)

- Experience in ISO 27001 readiness and implementation

- Experience in developing policies, standards and procedures

- Experience in managing security exception process

- Experience in developing and implementing information security audit calendar

- Performing information security audits on IT infrastructure

- Experience in planning, implementation and managing of technical security controls (Data Loss prevention, Threat management and response)

- Experience in developing and managing Application security program (Secure SDLC, VAPT)

- Experience in Application architecture review and change control board

- Experience in developing and implementing security awareness programs

- Able to assess, develop and implement information security programs including organizational design and key processes

- Excellent documentation and communication skills

Key responsibilities

- Identify and evaluate business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement

- Assist in the selection and tailoring of approaches, methods and tools to support business requirements

- Demonstrate a general knowledge of market trends

- Actively participate in decision making with business and seek to understand the broader impact of current decisions

- Play substantive/lead role and information security initiatives

- Generate innovative ideas and challenge the status quo

- Participate in new solution design and work with vendor management team for procurement

- Build and nurture positive working relationships with peers and business with the intention to exceed business expectations

Qualification: Bachelor of engineering or Post graduation

Certification: CISSP, CISM or CISA a must for the candidate

Interested candidates may send in thier resume to reshma.rakesh@crisil.com mentioning the job title in the subject line. Pls also share your current CTC details.