'%3e%3cpath d='M15.3069 13.1535H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 8.15347H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 3.30693H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3c/g%3e%3cdefs%3e%3cclipPath id='clip0_126_10407'%3e%3crect width='16' height='16' fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
EXL Service - Manager - Security Governance & Metrics
NoidaJob Description :
Position Title, Responsibility Level : Manager
Function : Global Technology (Information Security)
Span of Control : 1-2
Permanent/ Temporary : Permanent
Reports to : AVP - Information Security
Location : Noida
Basic Function :
Information Security Governance is a means to initially identify and rank the most critical risks to your business and then provide a means to monitor them continuously. A subset of enterprise governance, information security governance is critical to your organization. It provides strategic direction, ensures that objectives are achieved, risk is managed, organizational resources are used responsibly, and the success or failure of the enterprise security program is properly monitored
Security Metrics program is a strategic governance area and is seen as a key enabler for investment making for the management. The Information & Cyber Security Metrics Manager will be responsible for designing and managing the enterprise-wide Security Metrics Program to report to organization CXOs, Clients and the Board.
Essential Functions :
Governance :
- Help enhance our existing governance framework to achieve risk prioritization and continual monitoring thereby ensuring a risk-managed environment.
- Responsible for ensuring various management and cross-functional governance forum meetings with appropriate agenda design and content from respective stakeholders
- Responsible to help prepare information security updates for the Steering Committee, Board, Audit Committee
Metrics :
- Take ownership role for the establishment of a current and up-to-date Information Security and Cyber Security metrics baseline. Make use of SMART methodology for designing the metrics program.
- Publish Cyber Security metric performance data on weekly, monthly, quarterly and annual basis, and ad hoc reports as requested, in a concise and consistent manner, soliciting input from a number of sources both internal and external stakeholders
- Ensure collection and analysis of key data related Cyber Security metrics, Internal measures KPIs and KRIs reporting that is timely, accurate, consistent, complete and relevant for the purpose of providing comprehensive information for strategic Cyber Security management decisions.
- Play key role in supporting the development of capability to provide current cyber security metric inputs that may be required for regulatory reporting and audit queries
- Based upon the metrics collected the analyst prepares the monthly Cyber readiness report for submission.
- Provides a weekly, monthly, and quarterly metrics/ trend analysis reports to various levels of leadership based upon the trends observed over the review period.
- Through in-depth knowledge of Cyber Security Metrics trends/results, provide support to the SOC and IR team in the early identification of potential risks/impacts that may become apparent through inference, patterns and analysis of Cyber Security metric data, and make
Primary Internal Interactions :
- Organizational Senior Leadership Team - Steering committee, Board, Audit Committee
- 0SOC / VAPT / DLP / Malware Analysis / APT Team
- Proxy / System / AV / SCCM Teams
- Internal Audits Teams
Primary External Interactions :
- Client Counterparts
- Auditors (Big 4s)
Skills :
Technical Skills : Security Metrics Analysis, ISO 27001, PCI DSS, IOCs, Threats and Vulnerabilities, AV, Patches
Process Specific Skills :
- Security Governance, IT Governance, Risk Compliance, IT Security, Lead Audit, System Audit, SOX Audit, Lead System Auditor
- SMART Metrics Program methodology
Soft skills (Desired) :
- Good Oral and written communication skills
- Good Presentation & Public speaking skills
- Creativity and Problem Solving Skills.
- Self-motivated and Self-driven
Education Requirements : Graduation
One or more of the following certifications is desirable : CISA / CISM / CISSP / ISO27001 / CRISC
Work Experience Requirements :
Total Experience : 5 - 8 years Information Security experience with the relevant experience of 3-4 years running the Security Governance and Metrics program in a multinational company at the organizational level.
Didn’t find the job appropriate? Report this Job
'%3e %3cpath d='M24 48C37.2548 48 48 37.2548 48 24C48 10.7452 37.2548 0 24 0C10.7452 0 0 10.7452 0 24C0 37.2548 10.7452 48 24 48Z' fill='%23333333' fill-opacity='0.8'/%3e %3cpath fill-rule='evenodd' clip-rule='evenodd' d='M22.5299 19.0115V19.5849V29.0154V31.5316C22.5299 32.3403 23.1967 33 24.004 33C24.8114 33 25.4784 32.3358 25.4784 31.5316V29.0154V19.5849V19.013L29.4885 23.0077C30.0627 23.5795 31.0044 23.5743 31.5733 23.0077C32.1421 22.441 32.1423 21.4975 31.5735 20.9308L30.1054 19.4684C30.0891 19.4504 30.0724 19.4329 30.0551 19.4156L25.0837 14.4634L25.0479 14.4264C24.9234 14.3024 24.7807 14.2055 24.6281 14.1358L24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946C24.0039 13.8983 23.3839 14.0068 22.9622 14.4268L22.9533 14.436L21.4743 15.9093C21.4615 15.9211 21.449 15.933 21.4367 15.9452L16.4286 20.934C15.8598 21.5008 15.8545 22.4389 16.4286 23.0108C17.0027 23.5826 17.9394 23.5827 18.5135 23.0109L20.0019 21.5283C20.0147 21.5164 20.0274 21.5043 20.0399 21.492L22.5299 19.0115ZM24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946L24.5952 14.1212Z' fill='white'/%3e %3c/g%3e %3cdefs%3e %3cclipPath id='clip0_99_1825'%3e %3crect width='48' height='48' fill='white'/%3e %3c/clipPath%3e %3c/defs%3e%3c/svg%3e "Scroll Up"){kind=small}