IDBI Federal Life Insurance - Chief Information Security Officer/Senior Information Security Manager

Designation: Chief Information Security Officer - Senior Manager

Exp : 8 to 15 yrs

JD:

1. Propose Information and Cyber Security Policy (IS) to the Information Security Committee ( ISC), incorporate feedback on the implications of the policy from the ISC and other business areas into the policy-making process. Act as convener to the ISC,

2. Owns and maintains Information Security Policy and Information Security Procedures,

3. Be responsible for providing advice and specialist support to management and information users in the implementation of Information and Cyber Security Policy. Responsible for management of enterprise wide cyber security initiatives and incident management,

4. Jointly drive with functional Heads the agreed security program by providing leadership and sponsorship,

5. Promote user awareness initiatives within the organization,

6. Review and propose exceptions to the lS Policy, report any significant risk to the ISC through CRO,

7. Design a Cyber Risk Reporting framework and report to ISC as per desired frequency,

8. Work with business heads and functions to provide leadership and sponsorship to the agreed cyber security programme,

9. Translate the information security program into specific actions which shall include awareness, security infrastructure, security incident response and risk management.

10. Work closely with IT and other functional teams and implement information security projects and controls for new or identified deficiencies.

11. Conduct quarterly information security audit on select outsourced vendors,

12. Identify current and potential legal and regulatory issues affecting information security and assess their impact in conjunction with legal and compliance team.

13. Act as consultants and advisors to different stakeholders for information security matters.

14. Perform information security risk assessments on an ongoing basis and report any significant risks to ISC.

15. To design and implement a comprehensive checklist to manage information security including data security, application security, network security, endpoint security, secure logging and monitoring, cloud security, mobile security etc,

16. Build and lead the information security team with appropriate competencies and attitude to deliver the information security program. Provide complete oversight on outsourced programmes and vendors,

17. To prepare process and framework for useful utilization of SOC reports,

18. Be aware of latest developments on cyber risks and threats and highlight to ISC.

Candidate Requirement :

Qualification & Experience :

- BE/BTECH with qualification in information security (CISA/DISA or equivalent).

- S/He should have relevant experience of minimum 8-10 years and currently should be working in Information Security Management Team in either an Insurance company or a bank