Talent Acquisition & HR Business Partner at Fullerton India
Views:12164 Applications:300 Rec. Actions:Recruiter Actions:62
Fullerton India - Manager - IT Compliance & Governance (6-9 yrs)
This role is responsible for:
IT Compliance and Governance
- Identify the gaps between FICCL policies/ processes and implementation on the ground
- Mitigate the gaps by working closely along with the backend teams
- Streamline internal policies/ processes in line with ISMS policies and ensure adherence
- Timely MIS/ reporting of agreed parameters to various stakeholders including senior management, internal team and cross functional departments
- Act as a Technology SPOC for risk governance, information security and audit related queries which requires extensive interaction with Audit, Info sec and RCR department
- Act as a Technology SPOC for internal and external audit including (but not limited to) non-statutory audits, 3rd party license audits etc.
License Management :
- Custodian of software licenses which spawn across PAN India desktops and server infrastructure
- Involves timely tracking, reporting and management escalation of any deficits vis-a-vis the inventory
- Conduct regular cleanups of excess installations and design controls to prevent reoccurrence.
- Appraise FICCL management of the change in vendor licensing policy and align tracking in line with the new policy
- Front-end 3rd party license audits
Disaster Recovery :
- Functional owner of the DR setup and act as SPOC between internal teams and vendor.
- Conducting regular DR drills as per the agreed objectives and timelines
- Tracking and closure of issues identified in the DR drill
- Regular reconciliations of applications protected on DR to ensure coverage of all critical applications
- Protection and de-commissioning of applications on DR in line the ever changing Technology landscape
- Maintain and update documentation in the form of run-book for each application and the DR plan
- Responsible for defining and testing the BCP plan for the tech department and critical service providers
Antivirus :
- Functional owner of the Anti-virus setup
- Liaise with internal teams and vendor for any escalations
- Ensure 100% coverage of Antivirus components which includes AV, DLP, encryption software, Application Control etc. over desktops and servers
- Ensure compliance with encryption and data leak prevention policies
- Check vendor adherence to the processes with regards to daily/ weekly cleanups
- Evaluate, test and rollout new components in-line with new requirements
- Fine-tuning antivirus policies/ processes in line with changing Technology landscape
Project Management :
- New solution/ tool implementation in DR and Antivirus domains
- Tech Refresh/ Framework upgradein line with changing Technology landscape
People / Stake holder Management :
- Team Management (Off Role staff)
- Vendor Management
Cost & Financial management (with regards to the above) :
- AMC & Renewals
- New license procurement
Key Performance Indicators :
- Ensure 99.5% uptime of central Antivirus platform
- Effectively manage and track companywide licensing and achieve 100% license compliance.
- Ensure completion of Projects undertaken within agreed scope and timelines
- Ensure 95% antivirus compliance on desktop/ servers by deploying relevant McAfee products on endpoints
- Perform periodic DR test and ensure that protected applications can be recovered within agreed RTO with vendor
- Liaise with concerned stakeholders and ensure that newer applications are protected on DR
- Complete Actions from Internal Reviews (ITGC Audit, Continuous audit, RCSA, SORR, Monthly Risk Dashboard, InfoSec reporting, Monthly Infra reporting) in timely manner with minimal escalations
- Exhibit efficient co-ordination and inter-personal skills within team to ensure smooth execution of projects and BAU activities
- Efficient vendor management to ensure FICC deliverables are achieved with minimal deviation
- Streamline license tracking and reporting to ensure complete coverage
- Streamline internal process for smooth and reliable reporting of parameters pertaining to governance reporting
- Identify and close process gaps in line with Technology and ISMS policies
Teams Responsible for :
- Disaster Recovery partner
- Antivirus vendor and support partners
- Technology Internal teams including End user computing, Server/ DC/ Network
Teams for Compliance/ Governance and Licensing Management
Expertise required/ Domain Knowledge :
- IT Compliance and Governance
- Information Security
- Audits and risk assessment framework knowledge
- License Management
- BCP/ DR Management
- Vendor management
No. of years of relevant experience : 7 to 10 years
Any specific specialization/education :
- BE/ MBA with relevant functional expertise
- ITIL
- Information Security/ Audit related certifications
This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.