Founder at People Praxis Solutions
Manager - Information Security - Health Insurance (6-10 yrs)
Leading Health Insurance Company
Job Title : Manager - Information Security
CTC Range : Up to 12 Lacs
Job Description -
- Lead information security team.
- Implement information security policies, procedures, regulations, and best practices to ensure the confidentiality, integrity and availability of ManipalCigna's information and information assets.
- Implement effective information security controls through assurance programs, risk assessments, InfoSec gap assessments, system audits and third-party assessments / audits; develop violation reports in alignment with the security policy framework and ensure risks are mitigated on time.
- Ensure the information security framework is implemented as per regulatory guidelines.
Team Reporting : Information Security Officers
Role Reporting : Head IT
Key Responsibilities & Accountabilities:
- Responsible for monitoring the security operations for an organization
- Review and ensure enforcement of information security policies, standards, procedures and guidelines to support the organization's information security program.
- Work closely with IT, business functional teams and the global counterpart (CIP team) on vendor assessment, implementation of information security projects, and new controls for new or identified deficiencies.
- Identify current and potential legal and regulatory issues affecting information security and assess their impact in conjunction with legal and compliance team.
- Perform information security risk assessments on an ongoing basis and report any significant risks to CISO & ISC.
- Monitor information security incident management i.e. identification, response, remediation and reporting.
- Review, at a defined frequency, the self-assessments of third parties to whom a line of business has been outsourced.
- Be responsible for conducting security assessments and audits of third-party processes & vendors.
- Conduct internal audits with the help of an external audit firm to verify the effectiveness of security controls.
- Ensure the effectiveness of identity management and access control by performing periodic assessments.
- Assess & record all exceptions to the information security policy.
- Ensure an appropriate level of awareness is spread via regular InfoSec trainings, emailers, etc.
- Govern the Antivirus, SDLP, SEE & other security compliance for endpoints, servers and network.
- Ensure the password policy is effectively implemented. Govern security patch management & ensure adequate patch levels are maintained. Vulnerability management & penetration testing for applications, network, endpoints & servers.
Knowledge, Skills & Experience :
- Degree or appropriate professional qualification, with 10 years + professional experience.
- Information Security Management
- Security Operations & Audits
- ISMS (ISO 27001)
- Security Incident handling
- Compliance Management
- Risk Assessment
- Vulnerability Management
- Stakeholder Management
- Knowledge in Datacentre/Systems Administration
- Project Management/Execution
- Team Building & Leadership
Certifications & Trainings:
- Microsoft Certified Systems Administrator (Windows 2003 & 2012 server)
- ITIL V3.0 Foundation
- Certified Training on VMware vSphere V6
Candidates should preferably be from BFSI.