Information Security Officer - Leading MNC in the Financial Sector
Purpose:
- Oversee and co-ordinate the overall information security efforts across the company.
- Identify security initiatives and standards
Operating Network:
- External: Interaction with IT Service Vendors, External Audit Teams
- Internal: Interaction with IT Teams, Group IT Teams, All Departments
Requirements Profile:
- Must be an intelligent, articulate and persuasive leader who can serve as an effective member of the management team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff.
- Should have experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation.
- Must have strong working knowledge of pertinent law and the law enforcement community.
- Must have a solid understanding of information technology and information security.
- Must possess one of the following certifications: CISM, CISSP or CISA
- Knowledge of BS 7799; ISO/IEC 27001
- Technical Skills or Certifications (advantage): PMP, CEH, CCNA, CCNP, CCDA, CCDP, etc.
Minimum relevant work experience – 4+ years of experience in Information Security (preferably in the financial services industry).
Main Responsibilities/KRAs:
- Assist Management in the strategic planning of information security policies and procedures. Work with management, department heads, the compliance officer, risk management, quality assurance, human resources, and the legal department to ensure compliance with the security and privacy regulations protecting confidentiality and privacy.
- Provide leadership to work groups and others charged with oversight of the entity’s security and privacy program.
- Monitor entity operations and systems for security compliance. Report to management on the status of security compliance.
- Review the security features of existing and new computing systems to ensure that they meet the security requirements of existing policies. Review and propose changes to existing policies and procedures that reflect the existing requirements of the systems to which they apply.
- Maintain awareness of changes in security risks, security measures, and computer systems.
- Provide information on security policies and practices for employees and others.
- Receive reports of security breaches, and make recommendations to management for corrective actions.
- Perform internal audit of data access and use to detect and deter breaches.
- Oversee a network of security directors and vendors who safeguard the company's assets, intellectual property and computer systems, as well as the physical safety of employees and visitors.
- Identify protection goals, objectives and metrics consistent with corporate strategic plan.
- Manage the development and implementation of enterprise security policy, standards, guidelines and procedures to ensure ongoing maintenance of security.
- Information protection responsibilities will include network security architecture, network access and monitoring policies, employee education and awareness, and more.
- Maintain relationships with law enforcement agencies.
- Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
- Work with outside consultants as appropriate for independent security audits.
Qualification : BE and MBA
Work Location : Mumbai
CTC : 8 Lkhs to 10 Lkhs
For Further Details Contact :
Mitalee
email : mitalee@careeravenues.net