Information Security Governance & Compliance Role - IT

Type of Experience :

- With at least 5-10+ years of progressive experience in IT with 8 years dedicated exposure in Information Security

- Certification in CISA, CISM, CISSP, BCP \ DR, ISO 27001:2013 Lead Auditor

- Demonstrate knowledge of information security Standards and Frameworks

- Should have managed a team of InfoSec professionals

- IT Risk management and Process assurance

- Benchmark and compare security practices with the industry

- Implementation, operation and maintenance of Information Security Management System based on standards like ISO/IEC 27001, COBIT, ITIL etc as applicable

- Information security risk assessments and controls implementation

- Track audit schedules and ensure closure of all security gaps

- Co-ordinate for Risk Assessment of IT systems and Third Party vendors and partners

- Benchmark security implementation and implement security controls across all digital channels

- Evaluate and implement tools and processes to ensure compliance with internal security policies and applicable laws and regulations

Security Operations :

- Implement & monitor security solutions such as AV, EDR, IRM, MDM, Encryption

- Implementing corrective actions based on observations and trends of alerts

- Publishing dashboards to demonstrate effectiveness of tools deployed

- Baseline security for all End points, Network devices and Servers

- Manage User Life Cycle Management Processes including Identity and Access management

Data Leakage Prevention:

- Review and implement Data Leakage Prevention (DLP) tools and processes

- Review and evaluate all incidents as per DLP management procedures

- Ensure timely reporting, escalations and closure of critical incidents

- Analyze the risk or business impact of incidents and initiating adequate control measures

- Implement suitable data leakage awareness, training and educational activities

Audit and Compliance :

- Will be responsible for end-to-end management of all audits

- Facilitate statutory & regulatory audits of critical applications and systems

- Ensure Software License compliance at all times

- Review of Third Party systems and network security on monthly basis

- Adherence To Change & User Life Cycle Management Processes

Personal Attributes :

- Honest and self disciplined

- Display Business Integrity & Ethics

- Displays Leadership and team building skills

- Displays logical thinking for problem evaluation and solving