This role is responsible for:

IT Compliance and Governance

- Identify the gaps between FICCL policies/ processes and implementation on the ground

- Mitigate the gaps by working closely along with the backend teams

- Streamline internal policies/ processes in line with ISMS policies and ensure adherence

- Timely MIS/ reporting of agreed parameters to various stakeholders including senior management, internal team and cross functional departments

- Act as a Technology SPOC for risk governance, information security and audit related queries which requires extensive interaction with Audit, Info sec and RCR department

- Act as a Technology SPOC for internal and external audit including (but not limited to) non-statutory audits, 3rd party license audits etc.

License Management :

- Custodian of software licenses which spawn across PAN India desktops and server infrastructure

- Involves timely tracking, reporting and management escalation of any deficits vis-a-vis the inventory

- Conduct regular cleanups of excess installations and design controls to prevent reoccurrence.

- Appraise FICCL management of the change in vendor licensing policy and align tracking in line with the new policy

- Front-end 3rd party license audits

Disaster Recovery :

- Functional owner of the DR setup and act as SPOC between internal teams and vendor.

- Conducting regular DR drills as per the agreed objectives and timelines

- Tracking and closure of issues identified in the DR drill

- Regular reconciliations of applications protected on DR to ensure coverage of all critical applications

- Protection and de-commissioning of applications on DR in line the ever changing Technology landscape

- Maintain and update documentation in the form of run-book for each application and the DR plan

- Responsible for defining and testing the BCP plan for the tech department and critical service providers

Antivirus :

- Functional owner of the Anti-virus setup

- Liaise with internal teams and vendor for any escalations

- Ensure 100% coverage of Antivirus components which includes AV, DLP, encryption software, Application Control etc. over desktops and servers

- Ensure compliance with encryption and data leak prevention policies

- Check vendor adherence to the processes with regards to daily/ weekly cleanups

- Evaluate, test and rollout new components in-line with new requirements

- Fine-tuning antivirus policies/ processes in line with changing Technology landscape

Project Management :

- New solution/ tool implementation in DR and Antivirus domains

- Tech Refresh/ Framework upgradein line with changing Technology landscape

People / Stake holder Management :

- Team Management (Off Role staff)

- Vendor Management

Cost & Financial management (with regards to the above) :

- AMC & Renewals

- New license procurement

Key Performance Indicators :

- Ensure 99.5% uptime of central Antivirus platform

- Effectively manage and track companywide licensing and achieve 100% license compliance.

- Ensure completion of Projects undertaken within agreed scope and timelines

- Ensure 95% antivirus compliance on desktop/ servers by deploying relevant McAfee products on endpoints

- Perform periodic DR test and ensure that protected applications can be recovered within agreed RTO with vendor

- Liaise with concerned stakeholders and ensure that newer applications are protected on DR

- Complete Actions from Internal Reviews (ITGC Audit, Continuous audit, RCSA, SORR, Monthly Risk Dashboard, InfoSec reporting, Monthly Infra reporting) in timely manner with minimal escalations

- Exhibit efficient co-ordination and inter-personal skills within team to ensure smooth execution of projects and BAU activities

- Efficient vendor management to ensure FICC deliverables are achieved with minimal deviation

- Streamline license tracking and reporting to ensure complete coverage

- Streamline internal process for smooth and reliable reporting of parameters pertaining to governance reporting

- Identify and close process gaps in line with Technology and ISMS policies

Teams Responsible for :

- Disaster Recovery partner

- Antivirus vendor and support partners

- Technology Internal teams including End user computing, Server/ DC/ Network

Teams for Compliance/ Governance and Licensing Management

Expertise required/ Domain Knowledge :

- IT Compliance and Governance

- Information Security

- Audits and risk assessment framework knowledge

- License Management

- BCP/ DR Management

- Vendor management

No. of years of relevant experience : 7 to 10 years

Any specific specialization/education :

- BE/ MBA with relevant functional expertise

- ITIL

- Information Security/ Audit related certifications

This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.